Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Avira Free Antivirus hat TR/Agent.57344.206 gefunden - Trojanische Pferd (https://www.trojaner-board.de/136976-avira-free-antivirus-hat-tr-agent-57344-206-gefunden-trojanische-pferd.html)

sunshinebabe 21.06.2013 13:20
Avira Free Antivirus hat TR/Agent.57344.206 gefunden - Trojanische Pferd
 
Hallo,

ich hoffe Ihr könnt mir weiterhelfen. Avira Free Antivirus hat bei mir einen Fund von TR/Agent.57344.206 angezeigt. Wenn ich auf entfernen drücke, wird der Fund in die Quarantäne verschoben. Denn noch ist die Datei nicht gelöscht und Avira Free Antivirus findet immer noch die selbe Datei. Andere Antivirus-Programme (Ad-Aware, Spybote, etc.) haben leider nichts gefunden. Wie kann ich den Fund löschen? Ich bitte euch um eure Hilfe, da ich mich auch nicht so gut mit so etwas auskenne.OTL Logfile:
Code:
OTL logfile created on: 21.06.2013 13:36:26 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Honey\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 54,32% Memory free
7,96 Gb Paging File | 5,91 Gb Available in Paging File | 74,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,15 Gb Total Space | 348,99 Gb Free Space | 77,18% Space Free | Partition Type: NTFS
 
Computer Name: HONEY-VAIO | User Name: Honey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Honey\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV - (vToolbarUpdater15.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SXDS10) -- C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe (soft Xpansion)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (IB Updater) -- C:\Programme\IB Updater\ExtensionUpdaterService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (DCDhcpService) -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe (Atheros Communication Inc.)
SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes,DefaultScope = {AE964E5E-C560-43DE-B7C9-DBEC33B131F9}
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{255F4D76-2D97-4962-8A3D-058AD48A57B9}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{4531C4FD-21DB-4C85-806A-68C4B9BFEBDB}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=d553a4b0-a6e8-4ada-bf2c-ef701486df43&apn_sauid=3C0E634F-27E2-4FEF-9DB3-F59AB3C77021
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{AE964E5E-C560-43DE-B7C9-DBEC33B131F9}: "URL" = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{AEBDF6EB-D307-4CBC-BDF0-8074A44A4AFC}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{C50DE191-83F9-47BA-BB0F-81D68CE35AC7}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\SearchScopes\{F66BE474-53C1-47C8-AD33-CB746FDE3287}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 10:02:59 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.03.01 10:02:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012.08.31 18:27:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.03 17:52:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2013.03.01 10:02:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox [2013.03.01 10:02:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.03 17:06:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.03 17:06:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.03 17:06:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.03 17:06:32 | 000,000,000 | ---D | M]
 
[2011.10.15 21:42:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honey\AppData\Roaming\mozilla\Extensions
[2013.06.05 21:32:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Honey\AppData\Roaming\mozilla\Firefox\Profiles\ef40seh2.default\extensions
[2013.05.17 16:43:30 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\Honey\AppData\Roaming\mozilla\Firefox\Profiles\ef40seh2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.03.24 20:05:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Honey\AppData\Roaming\mozilla\Firefox\Profiles\ef40seh2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013.05.19 20:55:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.19 20:55:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.10.15 21:21:42 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.578_0\
CHR - Extension: No name found = C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0\
CHR - Extension: No name found = C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.8_0\
CHR - Extension: No name found = C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\phegaokedjdajgnfphbnpkcfdgjbidko\1.0.0.6_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Programme\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Programme\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1608208894-3311642015-2121124740-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Programme\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C947C79F-330D-42C2-A91A-0BA1FF45D490}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2492a5ca-f736-11e0-a086-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2492a5ca-f736-11e0-a086-806e6f6e6963}\Shell\AutoRun\command - "" = D:\KOCHSTARTER.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.21 13:24:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Honey\Desktop\OTL.exe
[2013.06.21 13:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FromDocToPDF_65EI
[2013.06.21 11:27:51 | 000,000,000 | R--D | C] -- C:\Users\Honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.06.20 23:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.20 23:19:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.06.20 23:19:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.20 23:04:19 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\AVG Secure Search
[2013.06.20 22:20:31 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
[2013.06.20 22:19:40 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.06.20 22:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013.06.20 22:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013.06.18 10:23:04 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{1056D527-3ECF-44D1-95DB-BF46A2D5A4D9}
[2013.06.17 17:46:14 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{71F82577-7A1A-4D67-96A8-8E7D3B9680D2}
[2013.06.16 21:55:34 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{F1411FFD-0068-4013-A3D2-B951685C57CA}
[2013.06.16 21:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2013.06.15 22:35:02 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{71E6CC78-7174-4DB6-9FA8-C342FD47AD8C}
[2013.06.15 19:15:57 | 000,000,000 | ---D | C] -- C:\Users\Honey\Documents\SimCity
[2013.06.15 18:54:22 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2013.06.15 08:01:06 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{51871D53-1D98-4F4A-B54B-F36892D1D0A8}
[2013.06.14 20:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.14 20:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.14 20:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.14 20:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.14 20:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.14 18:20:49 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\Google
[2013.06.14 18:15:07 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.06.14 18:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2013.06.14 09:03:28 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{57CC476A-C1FF-41AF-8157-34F19CE51197}
[2013.06.13 21:11:21 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.13 20:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxis
[2013.06.11 13:40:34 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{006B674A-8953-47FE-838B-FE0F600FF420}
[2013.06.10 09:45:43 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{A85A67BA-DF02-41D2-835C-FE37113B41ED}
[2013.06.09 08:25:11 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{67F3D753-09E4-49CB-A16D-B0053FA53F7A}
[2013.06.08 13:36:06 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{CD3100D1-59E0-47B5-9F87-1C4D09908C08}
[2013.06.07 20:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.06.07 20:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.06.07 19:06:45 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{14E69EA2-8725-444B-B324-1B05D257AD21}
[2013.06.06 20:58:34 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{B8FA846C-6895-4389-AF55-9AF995492A89}
[2013.06.06 08:58:16 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{F42863DB-C42B-4646-B385-7290EA6BFE13}
[2013.06.05 19:03:08 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{27699CFD-8E0D-4630-84AC-5255C89F5A48}
[2013.06.04 08:35:29 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{CD0603A9-7097-4709-AC3E-8B689AAA26A7}
[2013.06.03 17:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.06.03 17:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.06.03 15:08:08 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{C69C325B-A781-4E60-9CFA-143E6191C571}
[2013.06.03 12:34:08 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\LavasoftStatistics
[2013.06.03 12:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013.06.03 12:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013.06.03 12:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2013.06.03 12:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013.06.03 12:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013.06.03 12:30:53 | 000,000,000 | ---D | C] -- C:\ProgramData\adawaretb
[2013.06.03 12:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb
[2013.06.03 12:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013.06.03 12:29:41 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.06.03 12:29:40 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
[2013.06.03 11:15:00 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{3A975F98-6270-4CB5-8CCC-5573C7612283}
[2013.06.03 10:43:06 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\Malwarebytes
[2013.06.03 10:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.01 07:29:04 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{580EB522-F702-49A8-87A7-343F1D48D4C0}
[2013.05.31 11:08:30 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{014FD6B5-CBCD-4F2F-940D-D3D056ACC676}
[2013.05.31 08:49:39 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\Unix
[2013.05.31 08:49:39 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\Obyv
[2013.05.31 08:49:39 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Roaming\Doriip
[2013.05.29 11:06:16 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{098DEC51-F5F8-46DD-9B85-689920840BF8}
[2013.05.28 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{0D5EB7EA-9BB8-4031-84FC-4458ECEC7BAB}
[2013.05.27 22:41:36 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{7E0802D5-AFC7-41F2-B37A-EF0BFC992B9A}
[2013.05.27 08:34:09 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{EAC1C630-ED67-47C2-AD1C-327228A1E0CA}
[2013.05.26 20:56:22 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
[2013.05.26 20:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2013.05.26 18:30:12 | 001,143,787 | ---- | C] (Ubisoft                                                    ) -- C:\Users\Honey\Settlers7_GOLD_Setup.exe
[2013.05.26 18:29:48 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\Downloader
[2013.05.26 16:58:42 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{2A22724A-7660-4AA6-8152-EE0AB7133D3C}
[2013.05.24 09:14:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\soft Xpansion
[2013.05.24 09:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Freemium
[2013.05.24 09:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemium
[2013.05.24 08:22:54 | 000,000,000 | ---D | C] -- C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
[2013.05.24 08:17:11 | 000,000,000 | ---D | C] -- C:\Users\Honey\Desktop\Kindergeld
[2013.05.24 08:12:00 | 000,000,000 | ---D | C] -- C:\Users\Honey\Desktop\Elterngeld - Formulare
[2013.05.23 10:29:29 | 000,000,000 | ---D | C] -- C:\Users\Honey\AppData\Local\{BA4FCBC3-3A79-49E2-8517-6229A5450E40}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.21 13:24:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Honey\Desktop\OTL.exe
[2013.06.21 11:34:28 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.21 11:34:28 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.21 11:31:27 | 001,614,036 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.21 11:31:27 | 000,697,322 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.21 11:31:27 | 000,652,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.21 11:31:27 | 000,148,328 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.21 11:31:27 | 000,121,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.21 11:26:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.21 11:26:33 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.20 22:21:10 | 000,000,162 | ---- | M] () -- C:\Windows\Reimage.ini
[2013.06.20 22:19:16 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.06.15 18:54:28 | 000,001,276 | ---- | M] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013.06.14 21:37:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.14 19:50:31 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
[2013.06.13 20:55:13 | 000,000,531 | ---- | M] () -- C:\Windows\eReg.dat
[2013.06.11 13:51:22 | 000,000,513 | ---- | M] () -- C:\Windows\wininit.ini
[2013.06.05 18:44:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.04 22:43:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.03 12:29:41 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.05.27 09:36:08 | 000,027,847 | ---- | M] () -- C:\test.xml
[2013.05.26 20:23:59 | 165,550,590 | ---- | M] () -- C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
[2013.05.26 20:20:51 | 2000,000,000 | ---- | M] () -- C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
[2013.05.26 19:45:32 | 2000,000,000 | ---- | M] () -- C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
[2013.05.26 19:11:26 | 1998,856,192 | ---- | M] () -- C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
[2013.05.26 18:30:15 | 001,143,787 | ---- | M] (Ubisoft                                                    ) -- C:\Users\Honey\Settlers7_GOLD_Setup.exe
[2013.05.24 09:14:02 | 000,010,464 | ---- | M] () -- C:\Windows\SysWow64\sx_p2d.tlb
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.20 22:18:35 | 000,000,162 | ---- | C] () -- C:\Windows\Reimage.ini
[2013.06.15 18:54:28 | 000,001,276 | ---- | C] () -- C:\Users\Public\Desktop\SimCity™.lnk
[2013.06.14 19:50:31 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
[2013.06.13 20:55:13 | 000,000,531 | ---- | C] () -- C:\Windows\eReg.dat
[2013.06.05 22:11:43 | 000,000,513 | ---- | C] () -- C:\Windows\wininit.ini
[2013.05.26 20:20:51 | 165,550,590 | ---- | C] () -- C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
[2013.05.26 19:45:32 | 2000,000,000 | ---- | C] () -- C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
[2013.05.26 19:11:26 | 2000,000,000 | ---- | C] () -- C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
[2013.05.26 18:30:15 | 1998,856,192 | ---- | C] () -- C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
[2013.05.24 09:14:02 | 000,010,464 | ---- | C] () -- C:\Windows\SysWow64\sx_p2d.tlb
[2013.05.24 08:43:46 | 000,023,624 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.06.18 21:32:57 | 001,942,665 | ---- | C] () -- C:\Users\Honey\spatz.JPG
[2012.06.09 16:30:32 | 000,457,319 | ---- | C] () -- C:\Users\Honey\kfgukou.JPG
[2012.06.09 15:54:39 | 000,001,532 | ---- | C] () -- C:\Users\Honey\AppData\Local\recently-used.xbel
[2012.05.28 20:56:51 | 000,542,236 | ---- | C] () -- C:\Users\Honey\tgwgf.JPG
[2012.01.16 23:24:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Logs
[2012.01.16 23:24:13 | 000,000,268 | RH-- | C] () -- C:\Users\Honey\AppData\Roaming\Libraries
[2012.01.16 23:24:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012.01.16 23:23:39 | 000,000,268 | RH-- | C] () -- C:\ProgramData\MAS
[2012.01.16 23:23:39 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Limiter
[2012.01.16 23:23:39 | 000,000,268 | RH-- | C] () -- C:\Users\Honey\AppData\Roaming\Licenses
[2012.01.16 23:23:39 | 000,000,268 | RH-- | C] () -- C:\Users\Honey\AppData\Roaming\Legacy
[2012.01.16 23:23:39 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012.01.16 23:23:39 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012.01.09 23:21:35 | 000,001,091 | ---- | C] () -- C:\Users\Honey\Dokumente - Verknüpfung.lnk
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.03 17:26:48 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
[2013.06.19 14:44:23 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Doriip
[2013.06.07 20:54:45 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\DVDVideoSoft
[2012.03.24 20:05:29 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.13 19:12:41 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Frogwares
[2012.08.31 18:01:02 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Leadertech
[2012.01.16 23:32:17 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Nikon
[2013.06.18 18:47:38 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Obyv
[2013.06.15 18:37:49 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Origin
[2011.12.23 18:53:22 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\ScreeNet iSaver
[2013.05.26 21:06:06 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\SoftGrid Client
[2012.01.11 22:49:26 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\toolplugin
[2011.10.15 17:25:11 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\TP
[2013.02.12 19:48:53 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\TuneUp Software
[2013.05.31 08:49:39 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Unix
[2011.12.14 13:56:16 | 000,000,000 | ---D | M] -- C:\Users\Honey\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.* >
[2013.06.21 11:26:33 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.21 11:26:35 | 4275,945,472 | -HS- | M] () -- C:\pagefile.sys
[2013.05.24 08:43:19 | 000,000,100 | ---- | M] () -- C:\SetSearchAndHomepageInBrowserLog.txt
[2011.10.16 10:07:11 | 000,000,074 | -H-- | M] () -- C:\splash.idx
[2013.05.27 09:36:08 | 000,027,847 | ---- | M] () -- C:\test.xml
[2012.12.13 19:32:27 | 000,000,761 | ---- | M] () -- C:\user.js
[2011.06.20 10:16:28 | 000,004,112 | -H-- | M] () -- C:\version
 
< %systemroot%\system32\*.wt >
 
< %systemroot%\system32\*.ruy >
 
< %systemroot%\Fonts\*.com >
[2009.07.14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2009.06.10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.scr >
[2012.03.08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2009.07.14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2013.06.08 13:40:01 | 013,760,512 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\user32.dll /md5 >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\system32\user32.dll
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\system32\ws2_32.dll
 
< %systemroot%\system32\ws2help.dll /md5 >
[2009.07.14 03:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\system32\ws2help.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >
--- --- ---
OTL EXTRAS Logfile:
OTL Logfile:
Code:
OTL Extras logfile created on: 21.06.2013 13:36:26 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Honey\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 54,32% Memory free
7,96 Gb Paging File | 5,91 Gb Available in Paging File | 74,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,15 Gb Total Space | 348,99 Gb Free Space | 77,18% Space Free | Partition Type: NTFS
 
Computer Name: HONEY-VAIO | User Name: Honey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07204B0C-BD75-400E-BFF3-EEEFEFE63E12}" = rport=139 | protocol=6 | dir=out | app=system |
"{091DDE4D-D1B1-4B11-9B96-4A0B1FCABA0A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{140B56F1-A232-4474-9841-3F9868D95FDC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{146A2EF3-20BC-4C3D-9EB8-A5A59A200B7C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1479C0DD-6C92-4046-A8BE-6FB32532D0D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{2A01D70D-18CD-4176-B591-ED78EDDCB346}" = lport=53 | protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\dcdhcpservice.exe |
"{2D898C5C-62DF-49C0-8C7B-98F7F2D3B342}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{304FDDC6-3244-4CD5-852D-D5FD8C239B2F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3AC55FE1-3630-484F-935E-DCB644E02E61}" = rport=138 | protocol=17 | dir=out | app=system |
"{3D4C25C5-D856-4C98-A510-EB00596ACBFB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{48633321-FF69-4039-BC08-A160249173DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{518BB9DE-2DE5-4157-8CD8-EB29FB6F7588}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{591FB9AB-5EDB-4B58-BEA1-4EF111EA15B7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{621A6221-8274-476C-B1BA-A6F7AB82112B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6CCBB509-CAAE-4B3F-B7AE-11F0C4F33810}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7331F8FC-590F-46F4-B0C1-7590FED4E421}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F0DBA32-A544-4982-9A63-FBE7D6FD1BF7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{862296FE-631E-4024-83C6-377DBFCC9674}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{88A561B1-8A55-41C8-A671-160CCCA67A73}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89E6EB29-4F28-4C74-B732-992690E9B671}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A7A993F6-0EA2-4B1F-945F-A84293D628D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A83C058F-5167-4571-AFF3-0DC13C4E2B3D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A83C38B7-CFEF-4025-BAA6-A17CA223E299}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA7F2292-833E-4165-A79B-17E7EB54B88F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AAE0F2FF-7052-4FF9-B196-5756B8F948F9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BC2813AB-B9DC-4D04-9C22-6147CF13D273}" = lport=137 | protocol=17 | dir=in | app=system |
"{BD3E8E61-6DEA-4598-A7DA-A733B3397AC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BEB21666-7E37-4710-8364-DDED211074B0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CCF62713-9BAC-420F-970B-6406CF9601EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D00757F5-5BC2-4261-8257-4CCA0BAC9872}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D25250D5-7061-4007-B0B8-9DBD0070D410}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D8C3AF9E-9E21-4E8A-9FCE-025EA5FB16D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{DB192EF9-F61D-4F52-AD20-DAA4DF391722}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E37C3D38-5052-4A33-8AE5-95618F4E9DA3}" = lport=445 | protocol=6 | dir=in | app=system |
"{FFF78941-B51C-4DC2-897F-59204E57E2C6}" = lport=80 | protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04ED4091-4345-4976-9B9B-714B0CAAF576}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{098493D5-21EA-4170-97D6-66C9427A6F06}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{0D1E247E-2A9C-40C0-8906-7ED5BB01B661}" = dir=in | app=c:\program files (x86)\hometab\tbupdater.dll |
"{10BA135A-903A-41C2-9B09-3EE97E932C97}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{18399E6D-8B99-4E21-92E4-3EF76BC76FFA}" = protocol=6 | dir=out | app=system |
"{19548293-F80E-44BC-A8F1-63C47EF5BB6D}" = protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe |
"{1C564173-409F-4AF3-AE11-92E0784325A4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{224BD158-F033-46C4-922A-1AF653214180}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{2DDE91AB-811D-4E23-9A00-5048098C0A65}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2FD61C47-7AE9-42AB-8D64-2323ED5E0A09}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31638B67-4502-4350-8241-7C9142E4C5DE}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{42BB0544-DCEE-4161-9B96-01126694101B}" = dir=out | app=c:\program files (x86)\hometab\tbupdater.dll |
"{469AB0B4-3C7C-4E94-A799-89527B0EA0B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53327E7D-1DEE-4053-B6AB-7D8D2D6D5F0E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{552EA133-7DD7-48A6-9E9E-64DC503089C9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{594DF055-EBE8-454D-B537-75067EB1E901}" = dir=out | app=c:\program files (x86)\hometab\tbupdater.dll |
"{6107D479-E2D8-4289-8848-4BCB76C629A8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{61E7B302-91B2-4E8D-9F63-2074ED65DCB7}" = protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe |
"{665D404B-9D5E-4056-9C6F-90EFF1FD0B74}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{666625D3-9F5E-44F4-95C9-5E5BE23365E3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6715FD9B-237D-4F6B-8A97-422066099A0C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{71EDB291-9858-4A48-9B1D-8F92FF045CE6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{7E4973B2-C5E4-48EF-8E35-DE28924EBE1C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82912849-604C-435A-B758-492CFE56894E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{8420C093-0C36-45E3-BEF7-B888E0CDD4E1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{86F341F4-63A3-4342-8C0A-CF564EE9577B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8874D6EF-2BC5-46B7-B427-07567662C6FE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{887C9308-6282-4461-BD7F-753B80E2F967}" = dir=in | app=c:\program files (x86)\hometab\tbupdater.dll |
"{8C55F13F-9E4A-4683-A662-FFC8C4E77540}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D177722-46BA-40EA-BF1B-3F4A659C2E10}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9E3286B9-7560-4E6A-BBA1-438261700567}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{9EDBA91D-B15B-458E-905C-E91C3830AD54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FAD305A-AE65-4D6C-B7BD-904AD00E1C0B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A48AF713-C44C-4F38-AF27-287E6D4FC92E}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{A682B173-C162-45B2-958B-6B1BDC06A3D6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ABBA8008-9267-4AE3-A5F2-D1AF3BADBF75}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{B9E466ED-F078-4ED4-8CE6-B68246C5BD3D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BBDFC7F0-79E2-4B52-90C7-2A81DA8A167A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BDEC1190-278F-4591-976C-77B034C1AE2F}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{BFE11E01-FA82-4711-BDC4-1BA03DF4D81D}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{C0373380-7323-45B5-83EF-75F627C4E514}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{CBD3B266-DFBF-45E5-ACB9-91A419493151}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{CBF37D63-0977-4922-82B1-48A5FB40679C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CC45485A-C32B-4C0E-8847-1E7F7416CDB2}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{CEA6EFF9-80D7-4E20-B358-99787029F517}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6F47D72-62CC-4C59-8CE5-104F5E0CDAF3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DAA683C9-63F0-427C-AC20-053A0D97684F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DD7F3F3A-22FC-4066-BAA1-3044D7FD4746}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E673A53D-22BC-432F-A246-89511BFB4C82}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EDFDDCB7-D5F3-4D51-AA2F-BA96FB707548}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{EF46AF8F-B4E9-4965-ABDC-BAFC029B8CA3}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{FECB8B68-1526-4D3C-8401-E7B9FD31AA72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{266CCC48-9AA1-404E-A1CB-558E8CC46F69}" = Windows OEM Preinstallation Kit
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = IB Updater 2.0.0.578
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3BDBA092-5F32-4F3D-B315-DFA3A2B72856}" = Windows Live Family Safety
"{3F2A8756-C008-43D7-8E1D-7300AA394549}" = Windows Live Family Safety
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{48491B19-3759-428B-9560-7AE4697B8FFF}" = Windows Live Family Safety
"{4BB3027E-7ABE-43EA-BA1B-9521EF69B530}" = Windows Live Family Safety
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5ECA80C9-7D7A-49AC-B487-52F1CF47ECEE}" = Windows Live Family Safety
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{74AC7ECE-87E1-41F7-ABA2-5ED9B13CECFA}" = Windows Live Family Safety
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{944E73EF-857E-4F71-9DC4-CD059D7ADDEF}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A0CC1C12-528A-42A3-B9A3-10C4F9E65C9E}" = Windows Live Family Safety
"{A986CF32-C1C2-4B53-91AD-78EE027875C7}" = Windows Live Family Safety
"{AAE97E7E-B3A6-42BA-ADA5-04A0E6FD7224}" = Windows Live Family Safety
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.31
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CE6D49CE-ED18-47E1-8449-037BC7181450}" = Windows Live Family Safety
"{D0C56275-9E7F-4BE5-AB37-15124BF808F2}" = Windows Live Family Safety
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F20B6800-68D7-48DB-A2EB-26BB7BFD1F77}" = Windows Live Family Safety
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{F71F4E15-C711-4010-B1BD-74EE2618B86F}" = Windows Live Family Safety
"{FD41A335-9425-44CB-B1D6-E657C52F7DC6}" = Windows Live Family Safety
"CNXT_AUDIO_HDA" = Conexant HD Audio
"GIMP-2_is1" = GIMP 2.6.12
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Sn1" = Logitech Flow Scroll 4.0
"sp6" = Logitech SetPoint 6.32
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{066219C8-4BE6-46D7-9E01-60FCFA6B32DC}" = Messenger Companion
"{082E37F5-3924-4168-A69A-1B6B1FEA587C}" = Messenger Companion
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}" = Remote Keyboard
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3705D53F-BB01-4BEE-8585-289E71CAC4B4}" = Компаньон Messenger
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{45191C61-3D04-4D03-B78A-592DF13264CC}" = Windows Live Messenger
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}" = Messenger Assistent
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}" = Wildlife Park Gold
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6DD3B54B-F0D0-4A69-8344-F52033225A02}" = Messenger Companion
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}" = Messenger Companion
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Atheros WiFi Driver Installation
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96403552-88D1-429F-9C92-388B814B885E}" = Messenger Companion
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C7DAD22D-29D4-438F-B986-03B9ED582EA4}" = Messenger Companion
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}" = Messenger-kumppani
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E64C137C-D0B7-467A-B47F-460AAB30F0A3}" = ViewNX 2
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}" = Messenger kísérő
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCC90D75-FCD8-4FE8-A1A4-4B3F553A72B7}" = Рупор Messenger
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}" = Помощник на Messenger
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup" = DivX-Setup
"Downloader" = Downloader
"FilesFrog Update Checker" = FilesFrog Update Checker
"Free YouTube Download_is1" = Free YouTube Download version 3.1.22.319
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"Google Chrome" = Google Chrome
"Hospital Tycoon_is1" = Hospital Tycoon
"InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Origin" = Origin
"Revo Uninstaller" = Revo Uninstaller 1.93
"splashtop" = Quick Web Access
"VAIO Help and Support" =
"VAIO Hero Screensaver - Summer 2011 Screensaver" = VAIO Hero Screensaver - Summer 2011 Screensaver
"VLC media player" = VLC media player 2.0.2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.06.2013 04:44:51 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 02.06.2013 04:45:23 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
Error - 02.06.2013 14:06:50 | Computer Name = Honey-VAIO | Source = WinMgmt | ID = 10
Description =
 
Error - 02.06.2013 14:08:36 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 02.06.2013 14:09:08 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
Error - 03.06.2013 05:51:38 | Computer Name = Honey-VAIO | Source = WinMgmt | ID = 10
Description =
 
Error - 03.06.2013 05:53:12 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 03.06.2013 05:54:32 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
Error - 03.06.2013 06:01:03 | Computer Name = Honey-VAIO | Source = WinMgmt | ID = 10
Description =
 
Error - 03.06.2013 06:03:34 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 03.06.2013 06:04:06 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
 
< End of report >
--- --- ---

--- --- ---

schrauber 21.06.2013 13:21
Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

sunshinebabe 21.06.2013 13:22
OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 21.06.2013 13:36:26 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Honey\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,98 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 54,32% Memory free
7,96 Gb Paging File | 5,91 Gb Available in Paging File | 74,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,15 Gb Total Space | 348,99 Gb Free Space | 77,18% Space Free | Partition Type: NTFS
 
Computer Name: HONEY-VAIO | User Name: Honey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1608208894-3311642015-2121124740-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07204B0C-BD75-400E-BFF3-EEEFEFE63E12}" = rport=139 | protocol=6 | dir=out | app=system |
"{091DDE4D-D1B1-4B11-9B96-4A0B1FCABA0A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{140B56F1-A232-4474-9841-3F9868D95FDC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{146A2EF3-20BC-4C3D-9EB8-A5A59A200B7C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1479C0DD-6C92-4046-A8BE-6FB32532D0D8}" = lport=138 | protocol=17 | dir=in | app=system |
"{2A01D70D-18CD-4176-B591-ED78EDDCB346}" = lport=53 | protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\dcdhcpservice.exe |
"{2D898C5C-62DF-49C0-8C7B-98F7F2D3B342}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{304FDDC6-3244-4CD5-852D-D5FD8C239B2F}" = lport=139 | protocol=6 | dir=in | app=system |
"{3AC55FE1-3630-484F-935E-DCB644E02E61}" = rport=138 | protocol=17 | dir=out | app=system |
"{3D4C25C5-D856-4C98-A510-EB00596ACBFB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{48633321-FF69-4039-BC08-A160249173DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{518BB9DE-2DE5-4157-8CD8-EB29FB6F7588}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{591FB9AB-5EDB-4B58-BEA1-4EF111EA15B7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{621A6221-8274-476C-B1BA-A6F7AB82112B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6CCBB509-CAAE-4B3F-B7AE-11F0C4F33810}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7331F8FC-590F-46F4-B0C1-7590FED4E421}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7F0DBA32-A544-4982-9A63-FBE7D6FD1BF7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{862296FE-631E-4024-83C6-377DBFCC9674}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{88A561B1-8A55-41C8-A671-160CCCA67A73}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89E6EB29-4F28-4C74-B732-992690E9B671}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A7A993F6-0EA2-4B1F-945F-A84293D628D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A83C058F-5167-4571-AFF3-0DC13C4E2B3D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A83C38B7-CFEF-4025-BAA6-A17CA223E299}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA7F2292-833E-4165-A79B-17E7EB54B88F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AAE0F2FF-7052-4FF9-B196-5756B8F948F9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BC2813AB-B9DC-4D04-9C22-6147CF13D273}" = lport=137 | protocol=17 | dir=in | app=system |
"{BD3E8E61-6DEA-4598-A7DA-A733B3397AC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BEB21666-7E37-4710-8364-DDED211074B0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CCF62713-9BAC-420F-970B-6406CF9601EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D00757F5-5BC2-4261-8257-4CCA0BAC9872}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D25250D5-7061-4007-B0B8-9DBD0070D410}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D8C3AF9E-9E21-4E8A-9FCE-025EA5FB16D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{DB192EF9-F61D-4F52-AD20-DAA4DF391722}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E37C3D38-5052-4A33-8AE5-95618F4E9DA3}" = lport=445 | protocol=6 | dir=in | app=system |
"{FFF78941-B51C-4DC2-897F-59204E57E2C6}" = lport=80 | protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04ED4091-4345-4976-9B9B-714B0CAAF576}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{098493D5-21EA-4170-97D6-66C9427A6F06}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{0D1E247E-2A9C-40C0-8906-7ED5BB01B661}" = dir=in | app=c:\program files (x86)\hometab\tbupdater.dll |
"{10BA135A-903A-41C2-9B09-3EE97E932C97}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{18399E6D-8B99-4E21-92E4-3EF76BC76FFA}" = protocol=6 | dir=out | app=system |
"{19548293-F80E-44BC-A8F1-63C47EF5BB6D}" = protocol=17 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe |
"{1C564173-409F-4AF3-AE11-92E0784325A4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{224BD158-F033-46C4-922A-1AF653214180}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{2DDE91AB-811D-4E23-9A00-5048098C0A65}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2FD61C47-7AE9-42AB-8D64-2323ED5E0A09}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31638B67-4502-4350-8241-7C9142E4C5DE}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{42BB0544-DCEE-4161-9B96-01126694101B}" = dir=out | app=c:\program files (x86)\hometab\tbupdater.dll |
"{469AB0B4-3C7C-4E94-A799-89527B0EA0B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53327E7D-1DEE-4053-B6AB-7D8D2D6D5F0E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{552EA133-7DD7-48A6-9E9E-64DC503089C9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{594DF055-EBE8-454D-B537-75067EB1E901}" = dir=out | app=c:\program files (x86)\hometab\tbupdater.dll |
"{6107D479-E2D8-4289-8848-4BCB76C629A8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{61E7B302-91B2-4E8D-9F63-2074ED65DCB7}" = protocol=6 | dir=in | app=c:\program files\sony\vaio smart network\wfda\wifidirectapplication.exe |
"{665D404B-9D5E-4056-9C6F-90EFF1FD0B74}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{666625D3-9F5E-44F4-95C9-5E5BE23365E3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6715FD9B-237D-4F6B-8A97-422066099A0C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{71EDB291-9858-4A48-9B1D-8F92FF045CE6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{7E4973B2-C5E4-48EF-8E35-DE28924EBE1C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82912849-604C-435A-B758-492CFE56894E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{8420C093-0C36-45E3-BEF7-B888E0CDD4E1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{86F341F4-63A3-4342-8C0A-CF564EE9577B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8874D6EF-2BC5-46B7-B427-07567662C6FE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{887C9308-6282-4461-BD7F-753B80E2F967}" = dir=in | app=c:\program files (x86)\hometab\tbupdater.dll |
"{8C55F13F-9E4A-4683-A662-FFC8C4E77540}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D177722-46BA-40EA-BF1B-3F4A659C2E10}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9E3286B9-7560-4E6A-BBA1-438261700567}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{9EDBA91D-B15B-458E-905C-E91C3830AD54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FAD305A-AE65-4D6C-B7BD-904AD00E1C0B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A48AF713-C44C-4F38-AF27-287E6D4FC92E}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{A682B173-C162-45B2-958B-6B1BDC06A3D6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ABBA8008-9267-4AE3-A5F2-D1AF3BADBF75}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{B9E466ED-F078-4ED4-8CE6-B68246C5BD3D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BBDFC7F0-79E2-4B52-90C7-2A81DA8A167A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BDEC1190-278F-4591-976C-77B034C1AE2F}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{BFE11E01-FA82-4711-BDC4-1BA03DF4D81D}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{C0373380-7323-45B5-83EF-75F627C4E514}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{CBD3B266-DFBF-45E5-ACB9-91A419493151}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{CBF37D63-0977-4922-82B1-48A5FB40679C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CC45485A-C32B-4C0E-8847-1E7F7416CDB2}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{CEA6EFF9-80D7-4E20-B358-99787029F517}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6F47D72-62CC-4C59-8CE5-104F5E0CDAF3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DAA683C9-63F0-427C-AC20-053A0D97684F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DD7F3F3A-22FC-4066-BAA1-3044D7FD4746}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E673A53D-22BC-432F-A246-89511BFB4C82}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EDFDDCB7-D5F3-4D51-AA2F-BA96FB707548}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{EF46AF8F-B4E9-4965-ABDC-BAFC029B8CA3}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{FECB8B68-1526-4D3C-8401-E7B9FD31AA72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{266CCC48-9AA1-404E-A1CB-558E8CC46F69}" = Windows OEM Preinstallation Kit
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = IB Updater 2.0.0.578
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3BDBA092-5F32-4F3D-B315-DFA3A2B72856}" = Windows Live Family Safety
"{3F2A8756-C008-43D7-8E1D-7300AA394549}" = Windows Live Family Safety
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{48491B19-3759-428B-9560-7AE4697B8FFF}" = Windows Live Family Safety
"{4BB3027E-7ABE-43EA-BA1B-9521EF69B530}" = Windows Live Family Safety
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5ECA80C9-7D7A-49AC-B487-52F1CF47ECEE}" = Windows Live Family Safety
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{74AC7ECE-87E1-41F7-ABA2-5ED9B13CECFA}" = Windows Live Family Safety
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{944E73EF-857E-4F71-9DC4-CD059D7ADDEF}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A0CC1C12-528A-42A3-B9A3-10C4F9E65C9E}" = Windows Live Family Safety
"{A986CF32-C1C2-4B53-91AD-78EE027875C7}" = Windows Live Family Safety
"{AAE97E7E-B3A6-42BA-ADA5-04A0E6FD7224}" = Windows Live Family Safety
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.31
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.31
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CE6D49CE-ED18-47E1-8449-037BC7181450}" = Windows Live Family Safety
"{D0C56275-9E7F-4BE5-AB37-15124BF808F2}" = Windows Live Family Safety
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F20B6800-68D7-48DB-A2EB-26BB7BFD1F77}" = Windows Live Family Safety
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{F71F4E15-C711-4010-B1BD-74EE2618B86F}" = Windows Live Family Safety
"{FD41A335-9425-44CB-B1D6-E657C52F7DC6}" = Windows Live Family Safety
"CNXT_AUDIO_HDA" = Conexant HD Audio
"GIMP-2_is1" = GIMP 2.6.12
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Sn1" = Logitech Flow Scroll 4.0
"sp6" = Logitech SetPoint 6.32
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{066219C8-4BE6-46D7-9E01-60FCFA6B32DC}" = Messenger Companion
"{082E37F5-3924-4168-A69A-1B6B1FEA587C}" = Messenger Companion
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect
"{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}" = Remote Keyboard
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3705D53F-BB01-4BEE-8585-289E71CAC4B4}" = Компаньон Messenger
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{45191C61-3D04-4D03-B78A-592DF13264CC}" = Windows Live Messenger
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}" = Messenger Assistent
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}" = Wildlife Park Gold
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6DD3B54B-F0D0-4A69-8344-F52033225A02}" = Messenger Companion
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote-Tastatur
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}" = Messenger Companion
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Atheros WiFi Driver Installation
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96403552-88D1-429F-9C92-388B814B885E}" = Messenger Companion
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C7DAD22D-29D4-438F-B986-03B9ED582EA4}" = Messenger Companion
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}" = Messenger-kumppani
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E64C137C-D0B7-467A-B47F-460AAB30F0A3}" = ViewNX 2
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}" = Messenger kísérő
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCC90D75-FCD8-4FE8-A1A4-4B3F553A72B7}" = Рупор Messenger
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}" = Помощник на Messenger
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup" = DivX-Setup
"Downloader" = Downloader
"FilesFrog Update Checker" = FilesFrog Update Checker
"Free YouTube Download_is1" = Free YouTube Download version 3.1.22.319
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"Google Chrome" = Google Chrome
"Hospital Tycoon_is1" = Hospital Tycoon
"InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Origin" = Origin
"Revo Uninstaller" = Revo Uninstaller 1.93
"splashtop" = Quick Web Access
"VAIO Help and Support" =
"VAIO Hero Screensaver - Summer 2011 Screensaver" = VAIO Hero Screensaver - Summer 2011 Screensaver
"VLC media player" = VLC media player 2.0.2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.06.2013 04:44:51 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 02.06.2013 04:45:23 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
Error - 02.06.2013 14:06:50 | Computer Name = Honey-VAIO | Source = WinMgmt | ID = 10
Description =
 
Error - 02.06.2013 14:08:36 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 02.06.2013 14:09:08 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
Error - 03.06.2013 05:51:38 | Computer Name = Honey-VAIO | Source = WinMgmt | ID = 10
Description =
 
Error - 03.06.2013 05:53:12 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 03.06.2013 05:54:32 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
Error - 03.06.2013 06:01:03 | Computer Name = Honey-VAIO | Source = WinMgmt | ID = 10
Description =
 
Error - 03.06.2013 06:03:34 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Too many failures while downloading ranges: 2
 
Error - 03.06.2013 06:04:06 | Computer Name = Honey-VAIO | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Stream product id=0x0066): Streaming Failed
 
 
< End of report >
--- --- ---



FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013 01
Ran by Honey (administrator) on 21-06-2013 14:24:51
Running from C:\Users\Honey\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(AVG Secure Search) C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
MountPoints2: {2492a5ca-f736-11e0-a086-806e6f6e6963} - D:\KOCHSTARTER.EXE
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" [1226928 2013-06-20] (AVG Secure Search)
AppInit_DLLs:    [0 ] ()
AppInit_DLLs-x32:    [0 ] ()

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
HKLM-x32 SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
HKCU SearchScopes: DefaultScope {AE964E5E-C560-43DE-B7C9-DBEC33B131F9} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {255F4D76-2D97-4962-8A3D-058AD48A57B9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {4531C4FD-21DB-4C85-806A-68C4B9BFEBDB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=d553a4b0-a6e8-4ada-bf2c-ef701486df43&apn_sauid=3C0E634F-27E2-4FEF-9DB3-F59AB3C77021
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {AE964E5E-C560-43DE-B7C9-DBEC33B131F9} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKCU - {AEBDF6EB-D307-4CBC-BDF0-8074A44A4AFC} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKCU - {C50DE191-83F9-47BA-BB0F-81D68CE35AC7} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {F66BE474-53C1-47C8-AD33-CB746FDE3287} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default
FF user.js: detected! => C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\user.js
FF SelectedSearchEngine: Web Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: DVDVideoSoftTB  - C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF Extension: No Name - C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR RestoreOnStartup: "about:newtab?source=home"
CHR Extension: (IB Updater) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.578_0
CHR Extension: (Logitech Flow Scroll) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.8_0
CHR Extension: (Ad-Aware Security Add-on) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\phegaokedjdajgnfphbnpkcfdgjbidko\1.0.0.6_0

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-25] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
S4 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2013-01-29] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-05-24] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-06-20] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-25] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-20] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-25] (Avira Operations GmbH & Co. KG)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-03] (GFI Software)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 cpuz134; \??\C:\Users\Honey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
U3 fgtyipow; \??\C:\Users\Honey\AppData\Local\Temp\fgtyipow.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-21 14:24 - 2013-06-21 14:24 - 00000000 ____D C:\FRST
2013-06-21 14:23 - 2013-06-21 14:23 - 01930994 ____A (Farbar) C:\Users\Honey\Desktop\FRST64.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00377856 ____A C:\Users\Honey\Desktop\gmer_2.1.19163.exe
2013-06-21 13:49 - 2013-06-21 13:49 - 00000472 ____A C:\Users\Honey\Desktop\defogger_disable.log
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____A C:\Users\Honey\defogger_reenable
2013-06-21 13:46 - 2013-06-21 13:46 - 00050477 ____A C:\Users\Honey\Desktop\Defogger.exe
2013-06-21 13:41 - 2013-06-21 13:42 - 00000000 ____D C:\Users\Honey\AppData\Local\{88D559F7-9B3B-4F1F-AD4B-42D98F644B59}
2013-06-21 13:35 - 2013-06-21 13:48 - 00102472 ____A C:\Users\Honey\Desktop\Extras.Txt
2013-06-21 13:34 - 2013-06-21 13:47 - 00128096 ____A C:\Users\Honey\Desktop\OTL.Txt
2013-06-21 13:24 - 2013-06-21 13:24 - 00602112 ____A (OldTimer Tools) C:\Users\Honey\Desktop\OTL.exe
2013-06-21 13:23 - 2013-06-21 13:23 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-06-20 23:19 - 2013-06-20 23:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-20 23:19 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-20 23:08 - 2013-06-20 23:08 - 00215096 ____A C:\Users\Honey\Downloads\FromDocToPDF.exe
2013-06-20 23:04 - 2013-06-20 23:04 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG Secure Search
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 22:18 - 2013-06-20 22:21 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-18 10:23 - 2013-06-18 10:23 - 00000000 ____D C:\Users\Honey\AppData\Local\{1056D527-3ECF-44D1-95DB-BF46A2D5A4D9}
2013-06-17 17:46 - 2013-06-17 17:46 - 00000000 ____D C:\Users\Honey\AppData\Local\{71F82577-7A1A-4D67-96A8-8E7D3B9680D2}
2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Honey\AppData\Local\{F1411FFD-0068-4013-A3D2-B951685C57CA}
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-16 05:48 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 05:48 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 05:48 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 05:48 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 05:48 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 22:35 - 2013-06-15 22:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{71E6CC78-7174-4DB6-9FA8-C342FD47AD8C}
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-15 08:01 - 2013-06-15 08:01 - 00000000 ____D C:\Users\Honey\AppData\Local\{51871D53-1D98-4F4A-B54B-F36892D1D0A8}
2013-06-14 21:34 - 2013-06-21 11:26 - 00009724 ____A C:\Windows\PFRO.log
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:20 - 2013-06-14 18:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:14 - 2013-06-14 18:15 - 00000000 ____D C:\ProgramData\Google
2013-06-14 09:14 - 2013-06-21 11:26 - 00001736 ____A C:\Windows\setupact.log
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-14 09:03 - 2013-06-14 09:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{57CC476A-C1FF-41AF-8157-34F19CE51197}
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 22:02 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 22:02 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 22:02 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 22:02 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 22:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 21:54 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 21:54 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 21:54 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 21:54 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 21:54 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 21:54 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 21:54 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 13:40 - 2013-06-11 13:40 - 00000000 ____D C:\Users\Honey\AppData\Local\{006B674A-8953-47FE-838B-FE0F600FF420}
2013-06-10 09:45 - 2013-06-10 09:45 - 00000000 ____D C:\Users\Honey\AppData\Local\{A85A67BA-DF02-41D2-835C-FE37113B41ED}
2013-06-09 08:25 - 2013-06-09 08:25 - 00000000 ____D C:\Users\Honey\AppData\Local\{67F3D753-09E4-49CB-A16D-B0053FA53F7A}
2013-06-08 13:36 - 2013-06-08 13:36 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD3100D1-59E0-47B5-9F87-1C4D09908C08}
2013-06-07 20:54 - 2013-06-07 20:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-07 19:06 - 2013-06-07 19:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{14E69EA2-8725-444B-B324-1B05D257AD21}
2013-06-06 20:58 - 2013-06-06 20:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{B8FA846C-6895-4389-AF55-9AF995492A89}
2013-06-06 08:58 - 2013-06-06 08:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{F42863DB-C42B-4646-B385-7290EA6BFE13}
2013-06-05 22:11 - 2013-06-11 13:51 - 00000513 ____A C:\Windows\wininit.ini
2013-06-05 19:03 - 2013-06-05 19:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{27699CFD-8E0D-4630-84AC-5255C89F5A48}
2013-06-04 08:35 - 2013-06-04 08:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD0603A9-7097-4709-AC3E-8B689AAA26A7}
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 15:08 - 2013-06-03 15:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{C69C325B-A781-4E60-9CFA-143E6191C571}
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-14 08:32 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\adawaretb
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\adawaretb
2013-06-03 12:29 - 2013-06-03 17:26 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 11:15 - 2013-06-03 11:15 - 00000000 ____D C:\Users\Honey\AppData\Local\{3A975F98-6270-4CB5-8CCC-5573C7612283}
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-01 07:29 - 2013-06-01 07:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{580EB522-F702-49A8-87A7-343F1D48D4C0}
2013-05-31 11:08 - 2013-05-31 11:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{014FD6B5-CBCD-4F2F-940D-D3D056ACC676}
2013-05-31 08:49 - 2013-06-19 14:44 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Doriip
2013-05-31 08:49 - 2013-06-18 18:47 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Obyv
2013-05-31 08:49 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Unix
2013-05-29 11:06 - 2013-05-29 11:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{098DEC51-F5F8-46DD-9B85-689920840BF8}
2013-05-28 17:30 - 2013-05-28 17:30 - 00000000 ____D C:\Users\Honey\AppData\Local\{0D5EB7EA-9BB8-4031-84FC-4458ECEC7BAB}
2013-05-27 22:41 - 2013-05-27 22:41 - 00000000 ____D C:\Users\Honey\AppData\Local\{7E0802D5-AFC7-41F2-B37A-EF0BFC992B9A}
2013-05-27 08:34 - 2013-05-27 08:34 - 00000000 ____D C:\Users\Honey\AppData\Local\{EAC1C630-ED67-47C2-AD1C-327228A1E0CA}
2013-05-26 20:56 - 2013-05-26 21:02 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:34 - 2013-06-05 22:09 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-05-26 20:20 - 2013-05-26 20:23 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 19:45 - 2013-05-26 20:20 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:11 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 18:30 - 2013-05-26 19:11 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-26 18:30 - 2013-05-26 18:30 - 01143787 ____A (Ubisoft                                                    ) C:\Users\Honey\Settlers7_GOLD_Setup.exe
2013-05-26 18:29 - 2013-05-26 18:30 - 00000000 ____D C:\Users\Honey\AppData\Local\Downloader
2013-05-26 16:58 - 2013-05-26 16:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{2A22724A-7660-4AA6-8152-EE0AB7133D3C}
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 09:13 - 2013-05-24 09:21 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 08:43 - 2013-05-13 05:52 - 00023624 ____A C:\Windows\Launcher.exe
2013-05-24 08:22 - 2013-05-24 08:23 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:17 - 2013-06-21 13:01 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-05-24 08:12 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare
2013-05-23 10:29 - 2013-05-23 10:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{BA4FCBC3-3A79-49E2-8517-6229A5450E40}
2013-05-22 12:00 - 2013-05-22 12:00 - 00000000 ____D C:\Users\Honey\AppData\Local\{46829BE5-205D-4EA9-9F93-8CD8C0D9E739}

==================== One Month Modified Files and Folders =======

2013-06-21 14:24 - 2013-06-21 14:24 - 00000000 ____D C:\FRST
2013-06-21 14:23 - 2013-06-21 14:23 - 01930994 ____A (Farbar) C:\Users\Honey\Desktop\FRST64.exe
2013-06-21 14:01 - 2012-04-06 22:15 - 00000000 ____D C:\Users\Honey\AppData\Local\CrashDumps
2013-06-21 13:51 - 2013-06-21 13:51 - 00377856 ____A C:\Users\Honey\Desktop\gmer_2.1.19163.exe
2013-06-21 13:49 - 2013-06-21 13:49 - 00000472 ____A C:\Users\Honey\Desktop\defogger_disable.log
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____A C:\Users\Honey\defogger_reenable
2013-06-21 13:49 - 2011-10-15 17:02 - 00000000 ____D C:\users\Honey
2013-06-21 13:48 - 2013-06-21 13:35 - 00102472 ____A C:\Users\Honey\Desktop\Extras.Txt
2013-06-21 13:47 - 2013-06-21 13:34 - 00128096 ____A C:\Users\Honey\Desktop\OTL.Txt
2013-06-21 13:47 - 2011-10-15 17:01 - 01840004 ____A C:\Windows\WindowsUpdate.log
2013-06-21 13:46 - 2013-06-21 13:46 - 00050477 ____A C:\Users\Honey\Desktop\Defogger.exe
2013-06-21 13:42 - 2013-06-21 13:41 - 00000000 ____D C:\Users\Honey\AppData\Local\{88D559F7-9B3B-4F1F-AD4B-42D98F644B59}
2013-06-21 13:24 - 2013-06-21 13:24 - 00602112 ____A (OldTimer Tools) C:\Users\Honey\Desktop\OTL.exe
2013-06-21 13:23 - 2013-06-21 13:23 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-06-21 13:01 - 2013-05-24 08:17 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-06-21 11:34 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-21 11:34 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-21 11:31 - 2011-05-19 19:14 - 00697322 ____A C:\Windows\System32\perfh007.dat
2013-06-21 11:31 - 2011-05-19 19:14 - 00148328 ____A C:\Windows\System32\perfc007.dat
2013-06-21 11:31 - 2009-07-14 07:13 - 01614036 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-21 11:26 - 2013-06-14 21:34 - 00009724 ____A C:\Windows\PFRO.log
2013-06-21 11:26 - 2013-06-14 09:14 - 00001736 ____A C:\Windows\setupact.log
2013-06-21 11:26 - 2011-05-19 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-20 23:19 - 2013-06-20 23:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-20 23:08 - 2013-06-20 23:08 - 00215096 ____A C:\Users\Honey\Downloads\FromDocToPDF.exe
2013-06-20 23:04 - 2013-06-20 23:04 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG Secure Search
2013-06-20 22:21 - 2013-06-20 22:18 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 20:36 - 2012-09-19 18:28 - 00000000 ____D C:\Users\Honey\AppData\Local\Google
2013-06-20 19:48 - 2012-10-23 20:22 - 00041984 __ASH C:\Users\Honey\Thumbs.db
2013-06-19 14:44 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Doriip
2013-06-18 18:47 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Obyv
2013-06-18 14:52 - 2012-11-30 18:11 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-18 10:23 - 2013-06-18 10:23 - 00000000 ____D C:\Users\Honey\AppData\Local\{1056D527-3ECF-44D1-95DB-BF46A2D5A4D9}
2013-06-17 17:46 - 2013-06-17 17:46 - 00000000 ____D C:\Users\Honey\AppData\Local\{71F82577-7A1A-4D67-96A8-8E7D3B9680D2}
2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Honey\AppData\Local\{F1411FFD-0068-4013-A3D2-B951685C57CA}
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-15 22:35 - 2013-06-15 22:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{71E6CC78-7174-4DB6-9FA8-C342FD47AD8C}
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 19:15 - 2012-11-30 18:11 - 00000000 ____D C:\ProgramData\Origin
2013-06-15 19:15 - 2012-11-30 18:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-15 18:39 - 2012-12-14 20:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-15 18:37 - 2012-11-30 18:12 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Origin
2013-06-15 18:36 - 2012-12-14 20:43 - 00000000 ____D C:\Users\Honey\AppData\Local\Origin
2013-06-15 08:01 - 2013-06-15 08:01 - 00000000 ____D C:\Users\Honey\AppData\Local\{51871D53-1D98-4F4A-B54B-F36892D1D0A8}
2013-06-14 21:37 - 2012-03-31 12:25 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 21:37 - 2012-03-31 12:25 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-14 21:37 - 2011-10-15 21:21 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-14 20:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 20:37 - 2011-10-16 18:54 - 00000000 ____D C:\Users\Honey\AppData\Roaming\vlc
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:25 - 2013-06-14 18:20 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:15 - 2013-06-14 18:14 - 00000000 ____D C:\ProgramData\Google
2013-06-14 18:15 - 2012-09-19 18:28 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-14 09:03 - 2013-06-14 09:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{57CC476A-C1FF-41AF-8157-34F19CE51197}
2013-06-14 08:51 - 2012-09-19 18:51 - 00000000 ____D C:\Windows\Minidump
2013-06-14 08:51 - 2011-10-26 20:02 - 00000000 ____D C:\Users\Honey\Tracing
2013-06-14 08:51 - 2011-02-11 00:48 - 00000000 ____D C:\Windows\Panther
2013-06-14 08:32 - 2013-06-03 12:31 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2011-10-16 09:34 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 21:31 - 2011-10-15 19:37 - 00000000 ____D C:\Users\Honey\Documents\Bluetooth Folder
2013-06-11 13:51 - 2013-06-05 22:11 - 00000513 ____A C:\Windows\wininit.ini
2013-06-11 13:50 - 2012-09-19 18:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-11 13:40 - 2013-06-11 13:40 - 00000000 ____D C:\Users\Honey\AppData\Local\{006B674A-8953-47FE-838B-FE0F600FF420}
2013-06-10 09:45 - 2013-06-10 09:45 - 00000000 ____D C:\Users\Honey\AppData\Local\{A85A67BA-DF02-41D2-835C-FE37113B41ED}
2013-06-09 08:25 - 2013-06-09 08:25 - 00000000 ____D C:\Users\Honey\AppData\Local\{67F3D753-09E4-49CB-A16D-B0053FA53F7A}
2013-06-08 16:08 - 2013-06-16 05:48 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 05:48 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 05:48 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:36 - 2013-06-08 13:36 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD3100D1-59E0-47B5-9F87-1C4D09908C08}
2013-06-08 13:13 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 20:55 - 2013-06-07 20:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-07 20:54 - 2012-03-24 19:59 - 00000000 ____D C:\Users\Honey\AppData\Roaming\DVDVideoSoft
2013-06-07 19:06 - 2013-06-07 19:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{14E69EA2-8725-444B-B324-1B05D257AD21}
2013-06-06 20:58 - 2013-06-06 20:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{B8FA846C-6895-4389-AF55-9AF995492A89}
2013-06-06 08:58 - 2013-06-06 08:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{F42863DB-C42B-4646-B385-7290EA6BFE13}
2013-06-05 22:11 - 2013-04-01 08:24 - 00000000 ____D C:\Program Files (x86)\BUDNI Fotowelt
2013-06-05 22:09 - 2013-05-26 20:34 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-06-05 22:09 - 2011-05-19 09:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-05 21:36 - 2012-09-19 18:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-06-05 21:30 - 2011-10-15 17:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Apple Computer
2013-06-05 19:03 - 2013-06-05 19:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{27699CFD-8E0D-4630-84AC-5255C89F5A48}
2013-06-05 18:44 - 2012-09-19 18:28 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-04 22:43 - 2012-09-19 18:28 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-04 08:35 - 2013-06-04 08:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD0603A9-7097-4709-AC3E-8B689AAA26A7}
2013-06-03 17:26 - 2013-06-03 12:29 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 15:08 - 2013-06-03 15:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{C69C325B-A781-4E60-9CFA-143E6191C571}
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\adawaretb
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\adawaretb
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 12:13 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 12:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-03 12:11 - 2012-05-19 20:42 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-06-03 11:15 - 2013-06-03 11:15 - 00000000 ____D C:\Users\Honey\AppData\Local\{3A975F98-6270-4CB5-8CCC-5573C7612283}
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-01 07:29 - 2013-06-01 07:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{580EB522-F702-49A8-87A7-343F1D48D4C0}
2013-05-31 11:08 - 2013-05-31 11:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{014FD6B5-CBCD-4F2F-940D-D3D056ACC676}
2013-05-31 08:49 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Unix
2013-05-29 11:06 - 2013-05-29 11:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{098DEC51-F5F8-46DD-9B85-689920840BF8}
2013-05-28 17:30 - 2013-05-28 17:30 - 00000000 ____D C:\Users\Honey\AppData\Local\{0D5EB7EA-9BB8-4031-84FC-4458ECEC7BAB}
2013-05-27 22:41 - 2013-05-27 22:41 - 00000000 ____D C:\Users\Honey\AppData\Local\{7E0802D5-AFC7-41F2-B37A-EF0BFC992B9A}
2013-05-27 09:36 - 2011-11-19 09:34 - 00027847 ____A C:\test.xml
2013-05-27 08:34 - 2013-05-27 08:34 - 00000000 ____D C:\Users\Honey\AppData\Local\{EAC1C630-ED67-47C2-AD1C-327228A1E0CA}
2013-05-26 21:06 - 2011-10-15 17:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\SoftGrid Client
2013-05-26 21:02 - 2013-05-26 20:56 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:23 - 2013-05-26 20:20 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 20:20 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:45 - 2013-05-26 19:11 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 19:11 - 2013-05-26 18:30 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-26 18:30 - 2013-05-26 18:30 - 01143787 ____A (Ubisoft                                                    ) C:\Users\Honey\Settlers7_GOLD_Setup.exe
2013-05-26 18:30 - 2013-05-26 18:29 - 00000000 ____D C:\Users\Honey\AppData\Local\Downloader
2013-05-26 16:58 - 2013-05-26 16:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{2A22724A-7660-4AA6-8152-EE0AB7133D3C}
2013-05-24 16:29 - 2012-09-01 20:51 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-05-24 09:21 - 2013-05-24 09:13 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 08:23 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:22 - 2013-05-24 08:12 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare
2013-05-23 10:29 - 2013-05-23 10:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{BA4FCBC3-3A79-49E2-8517-6229A5450E40}
2013-05-22 12:00 - 2013-05-22 12:00 - 00000000 ____D C:\Users\Honey\AppData\Local\{46829BE5-205D-4EA9-9F93-8CD8C0D9E739}

Files to move or delete:
====================
C:\Users\Honey\Settlers7_GOLD_Setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-03 00:32

==================== End Of Log ============================
--- --- ---

--- --- ---

sunshinebabe 21.06.2013 13:31
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013 01
Ran by Honey (administrator) on 21-06-2013 14:24:51
Running from C:\Users\Honey\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(AVG Secure Search) C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
MountPoints2: {2492a5ca-f736-11e0-a086-806e6f6e6963} - D:\KOCHSTARTER.EXE
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" [1226928 2013-06-20] (AVG Secure Search)
AppInit_DLLs:    [0 ] ()
AppInit_DLLs-x32:    [0 ] ()

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
HKLM-x32 SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
HKCU SearchScopes: DefaultScope {AE964E5E-C560-43DE-B7C9-DBEC33B131F9} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {255F4D76-2D97-4962-8A3D-058AD48A57B9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {4531C4FD-21DB-4C85-806A-68C4B9BFEBDB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=d553a4b0-a6e8-4ada-bf2c-ef701486df43&apn_sauid=3C0E634F-27E2-4FEF-9DB3-F59AB3C77021
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.searchqu.com/web?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {AE964E5E-C560-43DE-B7C9-DBEC33B131F9} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKCU - {AEBDF6EB-D307-4CBC-BDF0-8074A44A4AFC} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.1&ts=1369377796547&tguid=43169-3580-1369377796547-EB9EDEB8A2A0B5FC98EB9BE6C83260D7&q={searchTerms}
SearchScopes: HKCU - {C50DE191-83F9-47BA-BB0F-81D68CE35AC7} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {F66BE474-53C1-47C8-AD33-CB746FDE3287} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default
FF user.js: detected! => C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\user.js
FF SelectedSearchEngine: Web Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: DVDVideoSoftTB  - C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF Extension: No Name - C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR RestoreOnStartup: "about:newtab?source=home"
CHR Extension: (IB Updater) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.578_0
CHR Extension: (Logitech Flow Scroll) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.8_0
CHR Extension: (Ad-Aware Security Add-on) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\phegaokedjdajgnfphbnpkcfdgjbidko\1.0.0.6_0

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-25] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
S4 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2013-01-29] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-05-24] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-06-20] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-25] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-20] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-25] (Avira Operations GmbH & Co. KG)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-03] (GFI Software)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 cpuz134; \??\C:\Users\Honey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
U3 fgtyipow; \??\C:\Users\Honey\AppData\Local\Temp\fgtyipow.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-21 14:24 - 2013-06-21 14:24 - 00000000 ____D C:\FRST
2013-06-21 14:23 - 2013-06-21 14:23 - 01930994 ____A (Farbar) C:\Users\Honey\Desktop\FRST64.exe
2013-06-21 13:51 - 2013-06-21 13:51 - 00377856 ____A C:\Users\Honey\Desktop\gmer_2.1.19163.exe
2013-06-21 13:49 - 2013-06-21 13:49 - 00000472 ____A C:\Users\Honey\Desktop\defogger_disable.log
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____A C:\Users\Honey\defogger_reenable
2013-06-21 13:46 - 2013-06-21 13:46 - 00050477 ____A C:\Users\Honey\Desktop\Defogger.exe
2013-06-21 13:41 - 2013-06-21 13:42 - 00000000 ____D C:\Users\Honey\AppData\Local\{88D559F7-9B3B-4F1F-AD4B-42D98F644B59}
2013-06-21 13:35 - 2013-06-21 13:48 - 00102472 ____A C:\Users\Honey\Desktop\Extras.Txt
2013-06-21 13:34 - 2013-06-21 13:47 - 00128096 ____A C:\Users\Honey\Desktop\OTL.Txt
2013-06-21 13:24 - 2013-06-21 13:24 - 00602112 ____A (OldTimer Tools) C:\Users\Honey\Desktop\OTL.exe
2013-06-21 13:23 - 2013-06-21 13:23 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-06-20 23:19 - 2013-06-20 23:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-20 23:19 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-20 23:08 - 2013-06-20 23:08 - 00215096 ____A C:\Users\Honey\Downloads\FromDocToPDF.exe
2013-06-20 23:04 - 2013-06-20 23:04 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG Secure Search
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 22:18 - 2013-06-20 22:21 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-18 10:23 - 2013-06-18 10:23 - 00000000 ____D C:\Users\Honey\AppData\Local\{1056D527-3ECF-44D1-95DB-BF46A2D5A4D9}
2013-06-17 17:46 - 2013-06-17 17:46 - 00000000 ____D C:\Users\Honey\AppData\Local\{71F82577-7A1A-4D67-96A8-8E7D3B9680D2}
2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Honey\AppData\Local\{F1411FFD-0068-4013-A3D2-B951685C57CA}
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-16 05:48 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 05:48 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 05:48 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 05:48 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 05:48 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 22:35 - 2013-06-15 22:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{71E6CC78-7174-4DB6-9FA8-C342FD47AD8C}
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-15 08:01 - 2013-06-15 08:01 - 00000000 ____D C:\Users\Honey\AppData\Local\{51871D53-1D98-4F4A-B54B-F36892D1D0A8}
2013-06-14 21:34 - 2013-06-21 11:26 - 00009724 ____A C:\Windows\PFRO.log
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:20 - 2013-06-14 18:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:14 - 2013-06-14 18:15 - 00000000 ____D C:\ProgramData\Google
2013-06-14 09:14 - 2013-06-21 11:26 - 00001736 ____A C:\Windows\setupact.log
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-14 09:03 - 2013-06-14 09:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{57CC476A-C1FF-41AF-8157-34F19CE51197}
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 22:02 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 22:02 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 22:02 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 22:02 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 22:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 21:54 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 21:54 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 21:54 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 21:54 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 21:54 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 21:54 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 21:54 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 13:40 - 2013-06-11 13:40 - 00000000 ____D C:\Users\Honey\AppData\Local\{006B674A-8953-47FE-838B-FE0F600FF420}
2013-06-10 09:45 - 2013-06-10 09:45 - 00000000 ____D C:\Users\Honey\AppData\Local\{A85A67BA-DF02-41D2-835C-FE37113B41ED}
2013-06-09 08:25 - 2013-06-09 08:25 - 00000000 ____D C:\Users\Honey\AppData\Local\{67F3D753-09E4-49CB-A16D-B0053FA53F7A}
2013-06-08 13:36 - 2013-06-08 13:36 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD3100D1-59E0-47B5-9F87-1C4D09908C08}
2013-06-07 20:54 - 2013-06-07 20:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-07 19:06 - 2013-06-07 19:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{14E69EA2-8725-444B-B324-1B05D257AD21}
2013-06-06 20:58 - 2013-06-06 20:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{B8FA846C-6895-4389-AF55-9AF995492A89}
2013-06-06 08:58 - 2013-06-06 08:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{F42863DB-C42B-4646-B385-7290EA6BFE13}
2013-06-05 22:11 - 2013-06-11 13:51 - 00000513 ____A C:\Windows\wininit.ini
2013-06-05 19:03 - 2013-06-05 19:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{27699CFD-8E0D-4630-84AC-5255C89F5A48}
2013-06-04 08:35 - 2013-06-04 08:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD0603A9-7097-4709-AC3E-8B689AAA26A7}
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 15:08 - 2013-06-03 15:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{C69C325B-A781-4E60-9CFA-143E6191C571}
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-14 08:32 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\adawaretb
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\adawaretb
2013-06-03 12:29 - 2013-06-03 17:26 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 11:15 - 2013-06-03 11:15 - 00000000 ____D C:\Users\Honey\AppData\Local\{3A975F98-6270-4CB5-8CCC-5573C7612283}
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-01 07:29 - 2013-06-01 07:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{580EB522-F702-49A8-87A7-343F1D48D4C0}
2013-05-31 11:08 - 2013-05-31 11:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{014FD6B5-CBCD-4F2F-940D-D3D056ACC676}
2013-05-31 08:49 - 2013-06-19 14:44 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Doriip
2013-05-31 08:49 - 2013-06-18 18:47 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Obyv
2013-05-31 08:49 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Unix
2013-05-29 11:06 - 2013-05-29 11:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{098DEC51-F5F8-46DD-9B85-689920840BF8}
2013-05-28 17:30 - 2013-05-28 17:30 - 00000000 ____D C:\Users\Honey\AppData\Local\{0D5EB7EA-9BB8-4031-84FC-4458ECEC7BAB}
2013-05-27 22:41 - 2013-05-27 22:41 - 00000000 ____D C:\Users\Honey\AppData\Local\{7E0802D5-AFC7-41F2-B37A-EF0BFC992B9A}
2013-05-27 08:34 - 2013-05-27 08:34 - 00000000 ____D C:\Users\Honey\AppData\Local\{EAC1C630-ED67-47C2-AD1C-327228A1E0CA}
2013-05-26 20:56 - 2013-05-26 21:02 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:34 - 2013-06-05 22:09 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-05-26 20:20 - 2013-05-26 20:23 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 19:45 - 2013-05-26 20:20 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:11 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 18:30 - 2013-05-26 19:11 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-26 18:30 - 2013-05-26 18:30 - 01143787 ____A (Ubisoft                                                    ) C:\Users\Honey\Settlers7_GOLD_Setup.exe
2013-05-26 18:29 - 2013-05-26 18:30 - 00000000 ____D C:\Users\Honey\AppData\Local\Downloader
2013-05-26 16:58 - 2013-05-26 16:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{2A22724A-7660-4AA6-8152-EE0AB7133D3C}
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 09:13 - 2013-05-24 09:21 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 08:43 - 2013-05-13 05:52 - 00023624 ____A C:\Windows\Launcher.exe
2013-05-24 08:22 - 2013-05-24 08:23 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:17 - 2013-06-21 13:01 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-05-24 08:12 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare
2013-05-23 10:29 - 2013-05-23 10:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{BA4FCBC3-3A79-49E2-8517-6229A5450E40}
2013-05-22 12:00 - 2013-05-22 12:00 - 00000000 ____D C:\Users\Honey\AppData\Local\{46829BE5-205D-4EA9-9F93-8CD8C0D9E739}

==================== One Month Modified Files and Folders =======

2013-06-21 14:24 - 2013-06-21 14:24 - 00000000 ____D C:\FRST
2013-06-21 14:23 - 2013-06-21 14:23 - 01930994 ____A (Farbar) C:\Users\Honey\Desktop\FRST64.exe
2013-06-21 14:01 - 2012-04-06 22:15 - 00000000 ____D C:\Users\Honey\AppData\Local\CrashDumps
2013-06-21 13:51 - 2013-06-21 13:51 - 00377856 ____A C:\Users\Honey\Desktop\gmer_2.1.19163.exe
2013-06-21 13:49 - 2013-06-21 13:49 - 00000472 ____A C:\Users\Honey\Desktop\defogger_disable.log
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____A C:\Users\Honey\defogger_reenable
2013-06-21 13:49 - 2011-10-15 17:02 - 00000000 ____D C:\users\Honey
2013-06-21 13:48 - 2013-06-21 13:35 - 00102472 ____A C:\Users\Honey\Desktop\Extras.Txt
2013-06-21 13:47 - 2013-06-21 13:34 - 00128096 ____A C:\Users\Honey\Desktop\OTL.Txt
2013-06-21 13:47 - 2011-10-15 17:01 - 01840004 ____A C:\Windows\WindowsUpdate.log
2013-06-21 13:46 - 2013-06-21 13:46 - 00050477 ____A C:\Users\Honey\Desktop\Defogger.exe
2013-06-21 13:42 - 2013-06-21 13:41 - 00000000 ____D C:\Users\Honey\AppData\Local\{88D559F7-9B3B-4F1F-AD4B-42D98F644B59}
2013-06-21 13:24 - 2013-06-21 13:24 - 00602112 ____A (OldTimer Tools) C:\Users\Honey\Desktop\OTL.exe
2013-06-21 13:23 - 2013-06-21 13:23 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-06-21 13:01 - 2013-05-24 08:17 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-06-21 11:34 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-21 11:34 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-21 11:31 - 2011-05-19 19:14 - 00697322 ____A C:\Windows\System32\perfh007.dat
2013-06-21 11:31 - 2011-05-19 19:14 - 00148328 ____A C:\Windows\System32\perfc007.dat
2013-06-21 11:31 - 2009-07-14 07:13 - 01614036 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-21 11:26 - 2013-06-14 21:34 - 00009724 ____A C:\Windows\PFRO.log
2013-06-21 11:26 - 2013-06-14 09:14 - 00001736 ____A C:\Windows\setupact.log
2013-06-21 11:26 - 2011-05-19 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-20 23:19 - 2013-06-20 23:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-20 23:08 - 2013-06-20 23:08 - 00215096 ____A C:\Users\Honey\Downloads\FromDocToPDF.exe
2013-06-20 23:04 - 2013-06-20 23:04 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG Secure Search
2013-06-20 22:21 - 2013-06-20 22:18 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 20:36 - 2012-09-19 18:28 - 00000000 ____D C:\Users\Honey\AppData\Local\Google
2013-06-20 19:48 - 2012-10-23 20:22 - 00041984 __ASH C:\Users\Honey\Thumbs.db
2013-06-19 14:44 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Doriip
2013-06-18 18:47 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Obyv
2013-06-18 14:52 - 2012-11-30 18:11 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-18 10:23 - 2013-06-18 10:23 - 00000000 ____D C:\Users\Honey\AppData\Local\{1056D527-3ECF-44D1-95DB-BF46A2D5A4D9}
2013-06-17 17:46 - 2013-06-17 17:46 - 00000000 ____D C:\Users\Honey\AppData\Local\{71F82577-7A1A-4D67-96A8-8E7D3B9680D2}
2013-06-16 21:55 - 2013-06-16 21:55 - 00000000 ____D C:\Users\Honey\AppData\Local\{F1411FFD-0068-4013-A3D2-B951685C57CA}
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-15 22:35 - 2013-06-15 22:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{71E6CC78-7174-4DB6-9FA8-C342FD47AD8C}
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 19:15 - 2012-11-30 18:11 - 00000000 ____D C:\ProgramData\Origin
2013-06-15 19:15 - 2012-11-30 18:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-15 18:39 - 2012-12-14 20:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-15 18:37 - 2012-11-30 18:12 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Origin
2013-06-15 18:36 - 2012-12-14 20:43 - 00000000 ____D C:\Users\Honey\AppData\Local\Origin
2013-06-15 08:01 - 2013-06-15 08:01 - 00000000 ____D C:\Users\Honey\AppData\Local\{51871D53-1D98-4F4A-B54B-F36892D1D0A8}
2013-06-14 21:37 - 2012-03-31 12:25 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 21:37 - 2012-03-31 12:25 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-14 21:37 - 2011-10-15 21:21 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-14 20:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 20:37 - 2011-10-16 18:54 - 00000000 ____D C:\Users\Honey\AppData\Roaming\vlc
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:25 - 2013-06-14 18:20 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:15 - 2013-06-14 18:14 - 00000000 ____D C:\ProgramData\Google
2013-06-14 18:15 - 2012-09-19 18:28 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-14 09:03 - 2013-06-14 09:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{57CC476A-C1FF-41AF-8157-34F19CE51197}
2013-06-14 08:51 - 2012-09-19 18:51 - 00000000 ____D C:\Windows\Minidump
2013-06-14 08:51 - 2011-10-26 20:02 - 00000000 ____D C:\Users\Honey\Tracing
2013-06-14 08:51 - 2011-02-11 00:48 - 00000000 ____D C:\Windows\Panther
2013-06-14 08:32 - 2013-06-03 12:31 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2011-10-16 09:34 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 21:31 - 2011-10-15 19:37 - 00000000 ____D C:\Users\Honey\Documents\Bluetooth Folder
2013-06-11 13:51 - 2013-06-05 22:11 - 00000513 ____A C:\Windows\wininit.ini
2013-06-11 13:50 - 2012-09-19 18:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-11 13:40 - 2013-06-11 13:40 - 00000000 ____D C:\Users\Honey\AppData\Local\{006B674A-8953-47FE-838B-FE0F600FF420}
2013-06-10 09:45 - 2013-06-10 09:45 - 00000000 ____D C:\Users\Honey\AppData\Local\{A85A67BA-DF02-41D2-835C-FE37113B41ED}
2013-06-09 08:25 - 2013-06-09 08:25 - 00000000 ____D C:\Users\Honey\AppData\Local\{67F3D753-09E4-49CB-A16D-B0053FA53F7A}
2013-06-08 16:08 - 2013-06-16 05:48 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 05:48 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 05:48 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:36 - 2013-06-08 13:36 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD3100D1-59E0-47B5-9F87-1C4D09908C08}
2013-06-08 13:13 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 20:55 - 2013-06-07 20:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-07 20:54 - 2012-03-24 19:59 - 00000000 ____D C:\Users\Honey\AppData\Roaming\DVDVideoSoft
2013-06-07 19:06 - 2013-06-07 19:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{14E69EA2-8725-444B-B324-1B05D257AD21}
2013-06-06 20:58 - 2013-06-06 20:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{B8FA846C-6895-4389-AF55-9AF995492A89}
2013-06-06 08:58 - 2013-06-06 08:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{F42863DB-C42B-4646-B385-7290EA6BFE13}
2013-06-05 22:11 - 2013-04-01 08:24 - 00000000 ____D C:\Program Files (x86)\BUDNI Fotowelt
2013-06-05 22:09 - 2013-05-26 20:34 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-06-05 22:09 - 2011-05-19 09:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-05 21:36 - 2012-09-19 18:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-06-05 21:30 - 2011-10-15 17:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Apple Computer
2013-06-05 19:03 - 2013-06-05 19:03 - 00000000 ____D C:\Users\Honey\AppData\Local\{27699CFD-8E0D-4630-84AC-5255C89F5A48}
2013-06-05 18:44 - 2012-09-19 18:28 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-04 22:43 - 2012-09-19 18:28 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-04 08:35 - 2013-06-04 08:35 - 00000000 ____D C:\Users\Honey\AppData\Local\{CD0603A9-7097-4709-AC3E-8B689AAA26A7}
2013-06-03 17:26 - 2013-06-03 12:29 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 15:08 - 2013-06-03 15:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{C69C325B-A781-4E60-9CFA-143E6191C571}
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\adawaretb
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\Program Files (x86)\adawaretb
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 12:13 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 12:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-03 12:11 - 2012-05-19 20:42 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-06-03 11:15 - 2013-06-03 11:15 - 00000000 ____D C:\Users\Honey\AppData\Local\{3A975F98-6270-4CB5-8CCC-5573C7612283}
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-01 07:29 - 2013-06-01 07:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{580EB522-F702-49A8-87A7-343F1D48D4C0}
2013-05-31 11:08 - 2013-05-31 11:08 - 00000000 ____D C:\Users\Honey\AppData\Local\{014FD6B5-CBCD-4F2F-940D-D3D056ACC676}
2013-05-31 08:49 - 2013-05-31 08:49 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Unix
2013-05-29 11:06 - 2013-05-29 11:06 - 00000000 ____D C:\Users\Honey\AppData\Local\{098DEC51-F5F8-46DD-9B85-689920840BF8}
2013-05-28 17:30 - 2013-05-28 17:30 - 00000000 ____D C:\Users\Honey\AppData\Local\{0D5EB7EA-9BB8-4031-84FC-4458ECEC7BAB}
2013-05-27 22:41 - 2013-05-27 22:41 - 00000000 ____D C:\Users\Honey\AppData\Local\{7E0802D5-AFC7-41F2-B37A-EF0BFC992B9A}
2013-05-27 09:36 - 2011-11-19 09:34 - 00027847 ____A C:\test.xml
2013-05-27 08:34 - 2013-05-27 08:34 - 00000000 ____D C:\Users\Honey\AppData\Local\{EAC1C630-ED67-47C2-AD1C-327228A1E0CA}
2013-05-26 21:06 - 2011-10-15 17:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\SoftGrid Client
2013-05-26 21:02 - 2013-05-26 20:56 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:23 - 2013-05-26 20:20 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 20:20 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:45 - 2013-05-26 19:11 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 19:11 - 2013-05-26 18:30 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-26 18:30 - 2013-05-26 18:30 - 01143787 ____A (Ubisoft                                                    ) C:\Users\Honey\Settlers7_GOLD_Setup.exe
2013-05-26 18:30 - 2013-05-26 18:29 - 00000000 ____D C:\Users\Honey\AppData\Local\Downloader
2013-05-26 16:58 - 2013-05-26 16:58 - 00000000 ____D C:\Users\Honey\AppData\Local\{2A22724A-7660-4AA6-8152-EE0AB7133D3C}
2013-05-24 16:29 - 2012-09-01 20:51 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-05-24 09:21 - 2013-05-24 09:13 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 08:23 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:22 - 2013-05-24 08:12 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare
2013-05-23 10:29 - 2013-05-23 10:29 - 00000000 ____D C:\Users\Honey\AppData\Local\{BA4FCBC3-3A79-49E2-8517-6229A5450E40}
2013-05-22 12:00 - 2013-05-22 12:00 - 00000000 ____D C:\Users\Honey\AppData\Local\{46829BE5-205D-4EA9-9F93-8CD8C0D9E739}

Files to move or delete:
====================
C:\Users\Honey\Settlers7_GOLD_Setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-03 00:32

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2013 01
Ran by Honey at 2013-06-21 14:25:38 Run:
Running from C:\Users\Honey\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

?????? Windows Live (Version: 15.4.3502.0922)
???????? ?? Messenger (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
????????? Messenger (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
???????????? Windows Live (Version: 15.4.3502.0922)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader X (10.1.7) MUI (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Alps Pointing-device for VAIO
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.142)
ArcSoft WebCam Companion 4 (Version: 4.0.21.485)
Atheros WiFi Driver Installation (Version: 3.0)
Avira Free Antivirus (Version: 13.0.0.3640)
Bluetooth Win7 Suite (64) (Version: 7.3.0.95)
Bonjour (Version: 3.0.0.10)
Complément Messenger (Version: 15.4.3502.0922)
Complemento Messenger (Version: 15.4.3502.0922)
Conexant HD Audio (Version: 8.54.0.53)
D3DX10 (Version: 15.4.2368.0902)
Die Sims™ 3 (Version: 1.42.130)
Die Sims™ 3 Late Night (Version: 6.0.81)
Die Sims™ 3 Reiseabenteuer (Version: 2.0.86)
DivX-Setup (Version: 2.6.1.22)
Doplnok programu Messenger (Version: 15.4.3502.0922)
Downloader
eReg (Version: 1.20.138.34)
FilesFrog Update Checker
Free YouTube Download version 3.1.22.319 (Version: 3.1.22.319)
Free YouTube to MP3 Converter version 3.12.2.430 (Version: 3.12.2.430)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
GIMP 2.6.12 (Version: 2.6.12)
Google Chrome (Version: 27.0.1453.116)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
Hospital Tycoon (Version: 1.0)
IB Updater 2.0.0.578 (Version: 2.0.0.578)
iCloud (Version: 2.1.2.8)
iTunes (Version: 11.0.4.4)
Java Auto Updater (Version: 2.0.2.4)
Java(TM) 6 Update 22 (64-bit) (Version: 6.0.220)
Java(TM) 6 Update 22 (Version: 6.0.220)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Flow Scroll 4.0 (Version: 4.00.33)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Media Gallery (Version: 1.5.0.16020)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Assistent (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kíséro (Version: 15.4.3502.0922)
Messenger-kumppani (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nikon Movie Editor (Version: 2.2.4)
NVIDIA 3D Vision Treiber 268.31 (Version: 268.31)
NVIDIA Grafiktreiber 268.31 (Version: 268.31)
NVIDIA HD-Audiotreiber 1.2.22.1 (Version: 1.2.22.1)
NVIDIA Install Application (Version: 2.265.41.0)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6831)
NVIDIA Systemsteuerung 268.31 (Version: 268.31)
Origin (Version: 9.1.10.2728)
Picture Control Utility (Version: 1.4.1)
PMB (Version: 5.5.02.12220)
PMB VAIO Edition Plug-in (Version: 1.5.00.02250)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Pomocnik Messenger (Version: 15.4.3502.0922)
Qualcomm Atheros Direct Connect (Version: 3.0)
Quick Web Access (Version: 1.4.6.9)
QuickTime (Version: 7.74.80.86)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Remote Keyboard (Version: 1.1.1.07060)
Revo Uninstaller 1.93 (Version: 1.93)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
SimCity™ (Version: 1.0.0.0)
Skype™ 5.10 (Version: 5.10.116)
Sony Corporation (Version: 1.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (Version: 1.0.0)
swMSM (Version: 12.0.0.1)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VAIO - Media Gallery (Version: 1.5.0.16020)
VAIO - PMB VAIO Edition Guide (Version: 1.5.00.02250)
VAIO - PMB VAIO Edition Plug-in (Version: 1.5.10.06150)
VAIO - Remote-Tastatur  (Version: 1.1.0.07060)
VAIO Care (Version: 6.4.2.11150)
VAIO Control Center (Version: 4.5.0.03040)
VAIO Data Restore Tool (Version: 1.6.0.13140)
VAIO Easy Connect (Version: 1.1.2.01120)
VAIO Event Service (Version: 5.5.0.03040)
VAIO Gate (Version: 2.4.0.06210)
VAIO Gate Default (Version: 2.4.0.03240)
VAIO Hardware Diagnostics (Version: 4.2.0.14280)
VAIO Hero Screensaver - Summer 2011 Screensaver
VAIO Improvement Validation (Version: 1.0.4.01190)
VAIO Sample Contents (Version: 1.4.2.09010)
VAIO Smart Network (Version: 3.8.0.08120)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VCCx86 (Version: 1.0.0)
VESx64 (Version: 1.0.0)
VESx86 (Version: 1.0.0)
ViewNX 2 (Version: 2.2.5)
VLC media player 2.0.2 (Version: 2.0.2)
VSNx64 (Version: 1.0.0)
VSNx86 (Version: 1.0.0)
VU5x86 (Version: 1.0.0)
VWSTx86 (Version: 1.0.0)
Wildlife Park Gold
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
Windows OEM Preinstallation Kit (Version: 2.0.0.0)
WinRAR 4.01 (32-Bit) (Version: 4.01.0)

==================== Restore Points  =========================

20-06-2013 18:34:36 20.06.13
21-06-2013 11:37:55 OTL Restore Point - 21.06.2013 13:37:52
21-06-2013 11:46:35 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {0CA0ED80-A13A-4C2C-A19F-7A6848CB7BF0} - System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} => C:\Windows\system32\msfeedssync.exe [2013-04-08] (Microsoft Corporation)
Task: {2656E201-E473-4F1C-AE21-F680B08E7016} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient No File
Task: {2D46E034-DDA7-4678-AE50-760D22A22C62} - System32\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295} => C:\Windows\system32\msfeedssync.exe [2013-04-08] (Microsoft Corporation)
Task: {390AA7E8-E8C1-4B4F-A326-59C54B5633D1} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {45850C39-772A-421E-9AD4-FAE5B80B1B44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {48EDA748-9F4C-450B-8495-E3DCBDD0D36F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {4AB1EA42-BAE6-490F-99A5-A6D72C33F4C5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {57BD232A-503D-41BB-93E7-A57EC741A5BF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {96A13FF4-6C01-4C12-9599-75D36BCA40C0} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {98FBD70F-C0A6-4809-921E-A9DDE916DEE9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {CC52CDF7-952F-4DCF-B01B-4C7CC7F3683B} - System32\Tasks\Browser Updater\Browser Updater => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {D8E23843-77D2-45F3-BA82-D1F0557C1159} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {E8D3CBC5-2C00-4B75-B684-854AD8EBC219} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-14] (Adobe Systems Incorporated)
Task: {EB44CF62-1A16-453D-A779-50CA2AACBFAD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {EEA16AB5-E09E-4DBE-9EE4-32D0B090808A} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2013 02:01:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000218a
ID des fehlerhaften Prozesses: 0x1a84
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3

Error: (06/21/2013 01:57:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Name des fehlerhaften Moduls: gmer_2.1.19163.exe, Version: 2.1.19163.0, Zeitstempel: 0x515d31f0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000218a
ID des fehlerhaften Prozesses: 0x1030
Startzeit der fehlerhaften Anwendung: 0xgmer_2.1.19163.exe0
Pfad der fehlerhaften Anwendung: gmer_2.1.19163.exe1
Pfad des fehlerhaften Moduls: gmer_2.1.19163.exe2
Berichtskennung: gmer_2.1.19163.exe3

Error: (06/21/2013 11:37:03 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (06/21/2013 11:28:18 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2013 11:27:03 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (06/21/2013 01:20:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5257718

Error: (06/21/2013 01:20:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5257718

Error: (06/21/2013 01:20:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/20/2013 11:04:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 11:03:24 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.


System errors:
=============
Error: (06/21/2013 11:26:54 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?21.?06.?2013 um 01:39:23 unerwartet heruntergefahren.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (06/20/2013 08:03:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.


Microsoft Office Sessions:
=========================
Error: (06/21/2013 02:01:40 PM) (Source: Application Error)(User: )
Description: gmer_2.1.19163.exe2.1.19163.0515d31f0gmer_2.1.19163.exe2.1.19163.0515d31f0c00000050000218a1a8401ce6e768a72e73cC:\Users\Honey\Desktop\gmer_2.1.19163.exeC:\Users\Honey\Desktop\gmer_2.1.19163.exe544e70f1-da6a-11e2-ad9b-90004ed5070a

Error: (06/21/2013 01:57:19 PM) (Source: Application Error)(User: )
Description: gmer_2.1.19163.exe2.1.19163.0515d31f0gmer_2.1.19163.exe2.1.19163.0515d31f0c00000050000218a103001ce6e75c7da68d6C:\Users\Honey\Desktop\gmer_2.1.19163.exeC:\Users\Honey\Desktop\gmer_2.1.19163.exeb900f49f-da69-11e2-ad9b-90004ed5070a

Error: (06/21/2013 11:37:03 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (06/21/2013 11:28:18 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2013 11:27:03 AM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (06/21/2013 01:20:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5257718

Error: (06/21/2013 01:20:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5257718

Error: (06/21/2013 01:20:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/20/2013 11:04:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 11:03:24 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 4077.86 MB
Available physical RAM: 2095.68 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 6136.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.15 GB) (Free:348.65 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 24DDFD60)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Hoffe du hast jetzt alle Daten die du benötigst. Bin mir nicht sicher, ob ich das richtig gemacht habe.

schrauber 21.06.2013 19:12
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

sunshinebabe 21.06.2013 19:44
Code:
ComboFix 13-06-21.02 - Honey 21.06.2013  20:35:04.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4078.2325 [GMT 2:00]
ausgeführt von:: c:\users\Honey\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\logs
c:\users\Honey\Settlers7_GOLD_Setup.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-21 bis 2013-06-21  ))))))))))))))))))))))))))))))
.
.
2013-06-21 18:41 . 2013-06-21 18:41        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-21 18:36 . 2013-06-21 18:36        76232        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F9DA7DC2-162E-42F3-AA8D-D2FEECF2361A}\offreg.dll
2013-06-21 18:30 . 2013-06-21 18:30        --------        d-s---w-        c:\windows\SysWow64\Microsoft
2013-06-21 17:44 . 2013-06-21 17:44        --------        d-----w-        c:\users\Honey\AppData\Roaming\BabSolution
2013-06-21 17:43 . 2013-06-21 17:47        --------        d-----w-        c:\users\Honey\AppData\Roaming\DesktopIconForAmazon
2013-06-21 17:43 . 2013-06-21 17:43        --------        d-----w-        c:\users\Honey\AppData\Roaming\Babylon
2013-06-21 17:43 . 2013-06-21 17:43        --------        d-----w-        c:\programdata\Babylon
2013-06-21 17:43 . 2013-06-21 17:43        --------        d-----w-        c:\users\Honey\AppData\Roaming\OCS
2013-06-21 12:24 . 2013-06-21 12:24        --------        d-----w-        C:\FRST
2013-06-21 11:47 . 2013-06-12 03:08        9552976        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F9DA7DC2-162E-42F3-AA8D-D2FEECF2361A}\mpengine.dll
2013-06-20 21:04 . 2013-06-20 21:04        --------        d-----w-        c:\users\Honey\AppData\Local\AVG Secure Search
2013-06-20 20:20 . 2013-06-20 20:20        --------        d-----w-        c:\users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 20:19 . 2013-06-20 20:19        45856        ----a-w-        c:\windows\system32\drivers\avgtpx64.sys
2013-06-20 20:19 . 2013-06-20 20:19        --------        d-----w-        c:\program files (x86)\Common Files\AVG Secure Search
2013-06-20 20:19 . 2013-06-20 20:19        --------        d-----w-        c:\program files (x86)\AVG SafeGuard toolbar
2013-06-16 19:45 . 2013-06-16 19:45        --------        d-----w-        c:\programdata\Uniblue
2013-06-15 16:54 . 2013-06-15 16:54        --------        d--h--w-        c:\program files (x86)\Common Files\EAInstaller
2013-06-14 18:38 . 2013-06-14 18:39        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 18:38 . 2013-06-14 18:39        --------        d-----w-        c:\program files\iTunes
2013-06-14 18:38 . 2013-06-14 18:39        --------        d-----w-        c:\program files (x86)\iTunes
2013-06-14 18:38 . 2013-06-14 18:38        --------        d-----w-        c:\program files\iPod
2013-06-14 16:15 . 2013-06-14 16:15        --------        d-----w-        c:\program files\Google
2013-06-13 18:55 . 2013-06-13 18:55        --------        d-----w-        c:\program files (x86)\Maxis
2013-06-12 20:01 . 2013-05-17 00:59        2241024        ----a-w-        c:\windows\system32\wininet.dll
2013-06-07 18:54 . 2013-06-07 18:55        --------        d-----w-        c:\program files (x86)\DVDVideoSoft
2013-06-07 18:54 . 2013-06-07 18:54        --------        d-----w-        c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-06-03 15:06 . 2013-06-03 15:06        --------        d-----w-        c:\program files (x86)\QuickTime
2013-06-03 10:34 . 2013-06-03 10:34        --------        d-----w-        c:\users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 10:34 . 2013-06-03 10:34        --------        d-----w-        c:\programdata\Ad-Aware Antivirus
2013-06-03 10:31 . 2013-06-14 06:32        --------        d-----w-        c:\program files (x86)\Ad-Aware Antivirus
2013-06-03 10:31 . 2013-06-03 10:31        --------        d-----w-        c:\programdata\Lavasoft
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\programdata\Downloaded Installations
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\programdata\blekko toolbars
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\programdata\adawaretb
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\program files (x86)\adawaretb
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\program files (x86)\Toolbar Cleaner
2013-06-03 10:29 . 2013-06-03 10:29        14456        ----a-w-        c:\windows\system32\drivers\gfibto.sys
2013-06-03 10:29 . 2013-06-03 15:26        --------        d-----w-        c:\users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 08:43 . 2013-06-03 08:43        --------        d-----w-        c:\users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 08:42 . 2013-06-03 08:42        --------        d-----w-        c:\programdata\Malwarebytes
2013-05-31 06:49 . 2013-06-19 12:44        --------        d-----w-        c:\users\Honey\AppData\Roaming\Doriip
2013-05-31 06:49 . 2013-06-18 16:47        --------        d-----w-        c:\users\Honey\AppData\Roaming\Obyv
2013-05-31 06:49 . 2013-05-31 06:49        --------        d-----w-        c:\users\Honey\AppData\Roaming\Unix
2013-05-26 18:56 . 2013-05-26 19:02        --------        d-----w-        c:\users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 18:34 . 2013-06-05 20:09        --------        d-----w-        c:\program files (x86)\Ubisoft
2013-05-26 18:20 . 2013-05-26 18:23        165550590        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 17:45 . 2013-05-26 18:20        2000000000        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 17:11 . 2013-05-26 17:45        2000000000        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 16:30 . 2013-05-26 17:11        1998856192        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-24 07:14 . 2013-05-24 07:14        --------        d-----w-        c:\program files (x86)\Common Files\soft Xpansion
2013-05-24 07:13 . 2013-05-24 07:14        --------        d-----w-        c:\program files (x86)\Common Files\Freemium
2013-05-24 07:13 . 2013-05-24 07:21        --------        d-----w-        c:\programdata\Freemium
2013-05-24 06:43 . 2013-05-13 03:52        23624        ----a-w-        c:\windows\Launcher.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-14 19:37 . 2012-03-31 10:25        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-14 19:37 . 2011-10-15 19:21        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 20:02 . 2011-10-16 07:34        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-05-18 06:11 . 2010-06-24 09:33        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-09 08:58 . 2012-09-19 16:26        287840        ----a-w-        c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2010-11-21 03:27        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59        94208        ----a-w-        c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59        69632        ----a-w-        c:\windows\SysWow64\QuickTime.qts
2013-04-13 05:49 . 2013-05-15 04:54        135168        ----a-w-        c:\windows\apppatch\apppatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 04:54        350208        ----a-w-        c:\windows\apppatch\apppatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 04:54        308736        ----a-w-        c:\windows\apppatch\apppatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 04:54        111104        ----a-w-        c:\windows\apppatch\apppatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 04:54        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 04:54        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 10:03        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 04:54        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 04:54        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 04:54        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-04-08 17:23 . 2013-04-08 17:23        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-04-08 17:23 . 2013-04-08 17:23        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-04-08 17:23 . 2013-04-08 17:23        226304        ----a-w-        c:\windows\system32\elshyph.dll
2013-04-08 17:23 . 2013-04-08 17:23        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-04-08 17:23 . 2013-04-08 17:23        158720        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-04-08 17:23 . 2013-04-08 17:23        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-04-08 17:23 . 2013-04-08 17:23        138752        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-04-08 17:23 . 2013-04-08 17:23        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-08 17:23 . 2013-04-08 17:23        97280        ----a-w-        c:\windows\system32\mshtmled.dll
2013-04-08 17:23 . 2013-04-08 17:23        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-04-08 17:23 . 2013-04-08 17:23        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-04-08 17:23 . 2013-04-08 17:23        762368        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-04-08 17:23 . 2013-04-08 17:23        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-08 17:23 . 2013-04-08 17:23        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-04-08 17:23 . 2013-04-08 17:23        599552        ----a-w-        c:\windows\system32\vbscript.dll
2013-04-08 17:23 . 2013-04-08 17:23        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-04-08 17:23 . 2013-04-08 17:23        452096        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-04-08 17:23 . 2013-04-08 17:23        441856        ----a-w-        c:\windows\system32\html.iec
2013-04-08 17:23 . 2013-04-08 17:23        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-04-08 17:23 . 2013-04-08 17:23        361984        ----a-w-        c:\windows\SysWow64\html.iec
2013-04-08 17:23 . 2013-04-08 17:23        281600        ----a-w-        c:\windows\system32\dxtrans.dll
2013-04-08 17:23 . 2013-04-08 17:23        27648        ----a-w-        c:\windows\system32\licmgr10.dll
2013-04-08 17:23 . 2013-04-08 17:23        270848        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-04-08 17:23 . 2013-04-08 17:23        247296        ----a-w-        c:\windows\system32\webcheck.dll
2013-04-08 17:23 . 2013-04-08 17:23        235008        ----a-w-        c:\windows\system32\url.dll
2013-04-08 17:23 . 2013-04-08 17:23        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-04-08 17:23 . 2013-04-08 17:23        216064        ----a-w-        c:\windows\system32\msls31.dll
2013-04-08 17:23 . 2013-04-08 17:23        197120        ----a-w-        c:\windows\system32\msrating.dll
2013-04-08 17:23 . 2013-04-08 17:23        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-04-08 17:23 . 2013-04-08 17:23        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-04-08 17:23 . 2013-04-08 17:23        144896        ----a-w-        c:\windows\system32\wextract.exe
2013-04-08 17:23 . 2013-04-08 17:23        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-04-08 17:23 . 2013-04-08 17:23        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-04-08 17:23 . 2013-04-08 17:23        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-04-08 17:23 . 2013-04-08 17:23        12800        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-04-08 17:23 . 2013-04-08 17:23        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-04-08 17:23 . 2013-04-08 17:23        102912        ----a-w-        c:\windows\system32\inseng.dll
2013-04-08 17:23 . 2013-04-08 17:23        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-04-08 17:23 . 2013-04-08 17:23        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-04-08 17:23 . 2013-04-08 17:23        62976        ----a-w-        c:\windows\system32\pngfilt.dll
2013-04-08 17:23 . 2013-04-08 17:23        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-04-08 17:23 . 2013-04-08 17:23        51200        ----a-w-        c:\windows\system32\imgutil.dll
2013-04-08 17:23 . 2013-04-08 17:23        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-04-08 17:23 . 2013-04-08 17:23        173568        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-04-08 17:23 . 2013-04-08 17:23        149504        ----a-w-        c:\windows\system32\occache.dll
2013-04-08 17:23 . 2013-04-08 17:23        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-04-08 17:23 . 2013-04-08 17:23        136192        ----a-w-        c:\windows\system32\iepeers.dll
2013-04-08 17:23 . 2013-04-08 17:23        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-04-08 17:23 . 2013-04-08 17:23        12800        ----a-w-        c:\windows\system32\msfeedssync.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2013-06-20 1226928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ASWRVRT
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-21 09:30        1165776        ----a-w-        c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:37]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19 16:28]
.
2013-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19 16:28]
.
2013-06-14 c:\windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
- c:\windows\system32\msfeedssync.exe [2013-04-08 17:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-31 790176]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-31 657056]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"LogiScrollApp"="c:\program files\Logitech\FlowScroll\KhalScroll.exe" [2012-02-08 166680]
"Ocs_SM"="c:\users\Honey\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2013-06-21 106496]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = about:blank
mDefault_Search_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
mSearch Bar = about:blank
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube Download - c:\users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.178.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\
FF - prefs.js: browser.startup.homepage -
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 647c5eca000000000000b2004ed50709
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15877
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.519:44
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119828&tt=180613_ndt4&tsp=4920
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Toolbar-!{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1608208894-3311642015-2121124740-1000\Software\SecuROM\License information*]
"datasecu"=hex:ab,10,31,01,26,cd,4f,a8,09,c1,a5,3c,2d,46,20,48,86,af,6e,e0,1a,
  8c,85,81,b0,c4,84,f7,df,d4,cf,2c,5c,e8,75,21,fd,ac,b0,ff,cd,98,8c,93,18,34,\
"rkeysecu"=hex:aa,0b,5a,07,65,8e,f6,ff,52,83,25,92,7d,98,64,96
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-21  20:43:19
ComboFix-quarantined-files.txt  2013-06-21 18:43
.
Vor Suchlauf: 13 Verzeichnis(se), 378.609.246.208 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 378.235.805.696 Bytes frei
.
- - End Of File - - B230D214AA45E1EB1BE883657837F79B
A36C5E4F47E84449FF07ED3517B43A31

schrauber 21.06.2013 19:59
Combofix-Skript
WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

  • Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link
  • Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!
  • Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
  • Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
    Code:
    Folder::
    c:\users\Honey\AppData\Roaming\Doriip
    c:\users\Honey\AppData\Roaming\Obyv
    c:\users\Honey\AppData\Roaming\Unix
  • Speichere dies als CFScript.txt auf deinem Desktop.
  • Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
    Danach wieder anstellen nicht vergessen!
  • Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.
  • Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:
  • Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.
  • Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
    Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.

Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log bitte. Noch probleme? :)

sunshinebabe 21.06.2013 21:01
Code:
ComboFix 13-06-21.02 - Honey 21.06.2013  21:28:23.2.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4078.2423 [GMT 2:00]
ausgeführt von:: c:\users\Honey\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Honey\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Honey\AppData\Roaming\Doriip
c:\users\Honey\AppData\Roaming\Obyv
c:\users\Honey\AppData\Roaming\Obyv\puota.iga
c:\users\Honey\AppData\Roaming\Unix
c:\users\Honey\AppData\Roaming\Unix\ovze.pyo
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-21 bis 2013-06-21  ))))))))))))))))))))))))))))))
.
.
2013-06-21 19:55 . 2013-06-21 19:55        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-21 19:00 . 2013-06-21 19:00        --------        d-----w-        c:\users\Honey\AppData\Roaming\Avira
2013-06-21 18:57 . 2013-06-21 18:56        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2013-06-21 18:57 . 2013-06-21 18:56        130016        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2013-06-21 18:57 . 2013-06-21 18:56        100712        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2013-06-21 18:57 . 2013-06-21 18:57        --------        d-----w-        c:\programdata\Avira
2013-06-21 18:57 . 2013-06-21 18:57        --------        d-----w-        c:\program files (x86)\Avira
2013-06-21 18:30 . 2013-06-21 18:30        --------        d-s---w-        c:\windows\SysWow64\Microsoft
2013-06-21 17:44 . 2013-06-21 17:44        --------        d-----w-        c:\users\Honey\AppData\Roaming\BabSolution
2013-06-21 17:43 . 2013-06-21 17:47        --------        d-----w-        c:\users\Honey\AppData\Roaming\DesktopIconForAmazon
2013-06-21 17:43 . 2013-06-21 17:43        --------        d-----w-        c:\users\Honey\AppData\Roaming\Babylon
2013-06-21 17:43 . 2013-06-21 17:43        --------        d-----w-        c:\programdata\Babylon
2013-06-21 17:43 . 2013-06-21 17:43        --------        d-----w-        c:\users\Honey\AppData\Roaming\OCS
2013-06-21 12:24 . 2013-06-21 12:24        --------        d-----w-        C:\FRST
2013-06-21 11:47 . 2013-06-12 03:08        9552976        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F9DA7DC2-162E-42F3-AA8D-D2FEECF2361A}\mpengine.dll
2013-06-20 21:04 . 2013-06-20 21:04        --------        d-----w-        c:\users\Honey\AppData\Local\AVG Secure Search
2013-06-20 20:20 . 2013-06-20 20:20        --------        d-----w-        c:\users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 20:19 . 2013-06-20 20:19        45856        ----a-w-        c:\windows\system32\drivers\avgtpx64.sys
2013-06-20 20:19 . 2013-06-20 20:19        --------        d-----w-        c:\program files (x86)\Common Files\AVG Secure Search
2013-06-20 20:19 . 2013-06-20 20:19        --------        d-----w-        c:\program files (x86)\AVG SafeGuard toolbar
2013-06-16 19:45 . 2013-06-16 19:45        --------        d-----w-        c:\programdata\Uniblue
2013-06-15 16:54 . 2013-06-15 16:54        --------        d--h--w-        c:\program files (x86)\Common Files\EAInstaller
2013-06-14 18:38 . 2013-06-14 18:39        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 18:38 . 2013-06-14 18:39        --------        d-----w-        c:\program files\iTunes
2013-06-14 18:38 . 2013-06-14 18:39        --------        d-----w-        c:\program files (x86)\iTunes
2013-06-14 18:38 . 2013-06-14 18:38        --------        d-----w-        c:\program files\iPod
2013-06-14 16:15 . 2013-06-14 16:15        --------        d-----w-        c:\program files\Google
2013-06-13 18:55 . 2013-06-13 18:55        --------        d-----w-        c:\program files (x86)\Maxis
2013-06-12 20:01 . 2013-05-17 00:59        2241024        ----a-w-        c:\windows\system32\wininet.dll
2013-06-07 18:54 . 2013-06-07 18:55        --------        d-----w-        c:\program files (x86)\DVDVideoSoft
2013-06-07 18:54 . 2013-06-07 18:54        --------        d-----w-        c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-06-03 15:06 . 2013-06-03 15:06        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2013-06-03 15:06 . 2013-06-03 15:06        --------        d-----w-        c:\program files (x86)\QuickTime
2013-06-03 10:34 . 2013-06-03 10:34        --------        d-----w-        c:\users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 10:34 . 2013-06-03 10:34        --------        d-----w-        c:\programdata\Ad-Aware Antivirus
2013-06-03 10:31 . 2013-06-14 06:32        --------        d-----w-        c:\program files (x86)\Ad-Aware Antivirus
2013-06-03 10:31 . 2013-06-03 10:31        --------        d-----w-        c:\programdata\Lavasoft
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\programdata\Downloaded Installations
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\programdata\blekko toolbars
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\programdata\adawaretb
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\program files (x86)\adawaretb
2013-06-03 10:30 . 2013-06-03 10:30        --------        d-----w-        c:\program files (x86)\Toolbar Cleaner
2013-06-03 10:29 . 2013-06-03 10:29        14456        ----a-w-        c:\windows\system32\drivers\gfibto.sys
2013-06-03 10:29 . 2013-06-03 15:26        --------        d-----w-        c:\users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 08:43 . 2013-06-03 08:43        --------        d-----w-        c:\users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 08:42 . 2013-06-03 08:42        --------        d-----w-        c:\programdata\Malwarebytes
2013-05-26 18:56 . 2013-05-26 19:02        --------        d-----w-        c:\users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 18:34 . 2013-06-05 20:09        --------        d-----w-        c:\program files (x86)\Ubisoft
2013-05-26 18:20 . 2013-05-26 18:23        165550590        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 17:45 . 2013-05-26 18:20        2000000000        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 17:11 . 2013-05-26 17:45        2000000000        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 16:30 . 2013-05-26 17:11        1998856192        ----a-w-        c:\users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-24 07:14 . 2013-05-24 07:14        --------        d-----w-        c:\program files (x86)\Common Files\soft Xpansion
2013-05-24 07:13 . 2013-05-24 07:14        --------        d-----w-        c:\program files (x86)\Common Files\Freemium
2013-05-24 07:13 . 2013-05-24 07:21        --------        d-----w-        c:\programdata\Freemium
2013-05-24 06:43 . 2013-05-13 03:52        23624        ----a-w-        c:\windows\Launcher.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-14 19:37 . 2012-03-31 10:25        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-14 19:37 . 2011-10-15 19:21        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 20:02 . 2011-10-16 07:34        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-05-18 06:11 . 2010-06-24 09:33        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-09 08:58 . 2012-09-19 16:26        287840        ----a-w-        c:\windows\system32\aswBoot.exe
2013-05-02 00:06 . 2010-11-21 03:27        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59        94208        ----a-w-        c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59        69632        ----a-w-        c:\windows\SysWow64\QuickTime.qts
2013-04-13 05:49 . 2013-05-15 04:54        135168        ----a-w-        c:\windows\apppatch\apppatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 04:54        350208        ----a-w-        c:\windows\apppatch\apppatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 04:54        308736        ----a-w-        c:\windows\apppatch\apppatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 04:54        111104        ----a-w-        c:\windows\apppatch\apppatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 04:54        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 04:54        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 10:03        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 04:54        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 04:54        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 04:54        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-04-08 17:23 . 2013-04-08 17:23        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-04-08 17:23 . 2013-04-08 17:23        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-04-08 17:23 . 2013-04-08 17:23        226304        ----a-w-        c:\windows\system32\elshyph.dll
2013-04-08 17:23 . 2013-04-08 17:23        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-04-08 17:23 . 2013-04-08 17:23        158720        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-04-08 17:23 . 2013-04-08 17:23        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-04-08 17:23 . 2013-04-08 17:23        138752        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-04-08 17:23 . 2013-04-08 17:23        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-08 17:23 . 2013-04-08 17:23        97280        ----a-w-        c:\windows\system32\mshtmled.dll
2013-04-08 17:23 . 2013-04-08 17:23        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-04-08 17:23 . 2013-04-08 17:23        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-04-08 17:23 . 2013-04-08 17:23        762368        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-04-08 17:23 . 2013-04-08 17:23        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-08 17:23 . 2013-04-08 17:23        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-04-08 17:23 . 2013-04-08 17:23        599552        ----a-w-        c:\windows\system32\vbscript.dll
2013-04-08 17:23 . 2013-04-08 17:23        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-04-08 17:23 . 2013-04-08 17:23        452096        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-04-08 17:23 . 2013-04-08 17:23        441856        ----a-w-        c:\windows\system32\html.iec
2013-04-08 17:23 . 2013-04-08 17:23        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-04-08 17:23 . 2013-04-08 17:23        361984        ----a-w-        c:\windows\SysWow64\html.iec
2013-04-08 17:23 . 2013-04-08 17:23        281600        ----a-w-        c:\windows\system32\dxtrans.dll
2013-04-08 17:23 . 2013-04-08 17:23        27648        ----a-w-        c:\windows\system32\licmgr10.dll
2013-04-08 17:23 . 2013-04-08 17:23        270848        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-04-08 17:23 . 2013-04-08 17:23        247296        ----a-w-        c:\windows\system32\webcheck.dll
2013-04-08 17:23 . 2013-04-08 17:23        235008        ----a-w-        c:\windows\system32\url.dll
2013-04-08 17:23 . 2013-04-08 17:23        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-04-08 17:23 . 2013-04-08 17:23        216064        ----a-w-        c:\windows\system32\msls31.dll
2013-04-08 17:23 . 2013-04-08 17:23        197120        ----a-w-        c:\windows\system32\msrating.dll
2013-04-08 17:23 . 2013-04-08 17:23        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-04-08 17:23 . 2013-04-08 17:23        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-04-08 17:23 . 2013-04-08 17:23        144896        ----a-w-        c:\windows\system32\wextract.exe
2013-04-08 17:23 . 2013-04-08 17:23        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-04-08 17:23 . 2013-04-08 17:23        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-04-08 17:23 . 2013-04-08 17:23        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-04-08 17:23 . 2013-04-08 17:23        12800        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-04-08 17:23 . 2013-04-08 17:23        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-04-08 17:23 . 2013-04-08 17:23        102912        ----a-w-        c:\windows\system32\inseng.dll
2013-04-08 17:23 . 2013-04-08 17:23        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-04-08 17:23 . 2013-04-08 17:23        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-04-08 17:23 . 2013-04-08 17:23        62976        ----a-w-        c:\windows\system32\pngfilt.dll
2013-04-08 17:23 . 2013-04-08 17:23        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-04-08 17:23 . 2013-04-08 17:23        51200        ----a-w-        c:\windows\system32\imgutil.dll
2013-04-08 17:23 . 2013-04-08 17:23        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-04-08 17:23 . 2013-04-08 17:23        173568        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-04-08 17:23 . 2013-04-08 17:23        149504        ----a-w-        c:\windows\system32\occache.dll
2013-04-08 17:23 . 2013-04-08 17:23        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-04-08 17:23 . 2013-04-08 17:23        136192        ----a-w-        c:\windows\system32\iepeers.dll
2013-04-08 17:23 . 2013-04-08 17:23        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-04-08 17:23 . 2013-04-08 17:23        12800        ----a-w-        c:\windows\system32\msfeedssync.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2013-06-20 1226928]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-21 345312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 cpuz134;cpuz134;c:\users\Honey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Honey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Honey\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe;c:\users\Honey\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AVIPBB
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-21 09:30        1165776        ----a-w-        c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 19:37]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19 16:28]
.
2013-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19 16:28]
.
2013-06-14 c:\windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
- c:\windows\system32\msfeedssync.exe [2013-04-08 17:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-31 790176]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-31 657056]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"LogiScrollApp"="c:\program files\Logitech\FlowScroll\KhalScroll.exe" [2012-02-08 166680]
"Ocs_SM"="c:\users\Honey\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2013-06-21 106496]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = about:blank
mDefault_Search_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
mSearch Bar = about:blank
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube Download - c:\users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Honey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.178.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\
FF - prefs.js: browser.startup.homepage -
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 647c5eca000000000000b2004ed50709
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15877
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.519:44
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119828&tt=180613_ndt4&tsp=4920
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Toolbar-!{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1608208894-3311642015-2121124740-1000\Software\SecuROM\License information*]
"datasecu"=hex:ab,10,31,01,26,cd,4f,a8,09,c1,a5,3c,2d,46,20,48,86,af,6e,e0,1a,
  8c,85,81,b0,c4,84,f7,df,d4,cf,2c,5c,e8,75,21,fd,ac,b0,ff,cd,98,8c,93,18,34,\
"rkeysecu"=hex:aa,0b,5a,07,65,8e,f6,ff,52,83,25,92,7d,98,64,96
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-21  21:57:53
ComboFix-quarantined-files.txt  2013-06-21 19:57
ComboFix2.txt  2013-06-21 18:43
.
Vor Suchlauf: 19 Verzeichnis(se), 377.351.294.976 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 376.915.312.640 Bytes frei
.
- - End Of File - - C54A46E32B7D18429BFE514EE27DED2A
A36C5E4F47E84449FF07ED3517B43A31
Code:
# AdwCleaner v2.303 - Datei am 21/06/2013 um 22:03:07 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Honey - HONEY-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Honey\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : SearchAnonymizer

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\searchplugins\delta.xml
Gelöscht mit Neustart : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\adawaretb
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Windows iLivid Toolbar
Ordner Gelöscht : C:\ProgramData\adawaretb
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\blekko toolbars
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\Honey\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Honey\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Honey\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Honey\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Honey\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Honey\AppData\LocalLow\HomeTab
Ordner Gelöscht : C:\Users\Honey\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Honey\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Honey\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\adawaretb
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\CT2269050
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\Smartbar
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Honey\AppData\Roaming\Toolplugin

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SearchCore for Browsers
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\IB Updater
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5d2d98ab169bf10
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\prefs.js

C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2269050.1000082.isDisplayHidden", "true");
Gelöscht : user_pref("CT2269050.1000082.isPlayDisplay", "true");
Gelöscht : user_pref("CT2269050.1000082.state", "{\"state\":\"stopped\",\"text\":\"Hotmix 108\",\"description\"[...]
Gelöscht : user_pref("CT2269050.1000234.TWC_TMP_city", "BERLIN");
Gelöscht : user_pref("CT2269050.1000234.TWC_TMP_country", "DE");
Gelöscht : user_pref("CT2269050.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gelöscht : user_pref("CT2269050.FirstTime", "true");
Gelöscht : user_pref("CT2269050.FirstTimeFF3", "true");
Gelöscht : user_pref("CT2269050.LoginRevertSettingsEnabled", true);
Gelöscht : user_pref("CT2269050.RevertSettingsEnabled", true);
Gelöscht : user_pref("CT2269050.UserID", "UN71752574880226490");
Gelöscht : user_pref("CT2269050.addressBarTakeOverEnabledInHidden", "true");
Gelöscht : user_pref("CT2269050.autoDisableScopes", -1);
Gelöscht : user_pref("CT2269050.defaultSearch", "FALSE");
Gelöscht : user_pref("CT2269050.enableAlerts", "always");
Gelöscht : user_pref("CT2269050.enableFix404ByUser", "TRUE");
Gelöscht : user_pref("CT2269050.firstTimeDialogOpened", "true");
Gelöscht : user_pref("CT2269050.fixPageNotFoundErrorByUser", "TRUE");
Gelöscht : user_pref("CT2269050.fixPageNotFoundErrorInHidden", "true");
Gelöscht : user_pref("CT2269050.fixUrls", true);
Gelöscht : user_pref("CT2269050.homepageuserchanged", true);
Gelöscht : user_pref("CT2269050.isCheckedStartAsHidden", true);
Gelöscht : user_pref("CT2269050.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.isFirstTimeToolbarLoading", "false");
Gelöscht : user_pref("CT2269050.isNewTabEnabled", true);
Gelöscht : user_pref("CT2269050.isPerformedSmartBarTransition", "true");
Gelöscht : user_pref("CT2269050.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gelöscht : user_pref("CT2269050.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Gelöscht : user_pref("CT2269050.lastVersion", "10.16.2.509");
Gelöscht : user_pref("CT2269050.migrateAppsAndComponents", true);
Gelöscht : user_pref("CT2269050.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxps[...]
Gelöscht : user_pref("CT2269050.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.openThankYouPage", "FALSE");
Gelöscht : user_pref("CT2269050.openUninstallPage", "FALSE");
Gelöscht : user_pref("CT2269050.search.searchAppId", "128834881989343895");
Gelöscht : user_pref("CT2269050.search.searchCount", "0");
Gelöscht : user_pref("CT2269050.searchInNewTabEnabledByUser", "true");
Gelöscht : user_pref("CT2269050.searchInNewTabEnabledInHidden", "true");
Gelöscht : user_pref("CT2269050.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gelöscht : user_pref("CT2269050.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gelöscht : user_pref("CT2269050.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gelöscht : user_pref("CT2269050.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1350315466758");
Gelöscht : user_pref("CT2269050.serviceLayer_services_appTracking_lastUpdate", "1350315347586");
Gelöscht : user_pref("CT2269050.serviceLayer_services_appsMetadata_lastUpdate", "1351016097754");
Gelöscht : user_pref("CT2269050.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1350315466623");
Gelöscht : user_pref("CT2269050.serviceLayer_services_location_lastUpdate", "1369402077354");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.10.2.10_lastUpdate", "1338385588159");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.13.1.89_lastUpdate", "1357140219118");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.13.40.15_lastUpdate", "1363449243064");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.14.65.43_lastUpdate", "1364669846483");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366652400533");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368785065076");
Gelöscht : user_pref("CT2269050.serviceLayer_services_login_10.16.2.509_lastUpdate", "1369402077291");
Gelöscht : user_pref("CT2269050.serviceLayer_services_optimizer_lastUpdate", "1351016098197");
Gelöscht : user_pref("CT2269050.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1350315466652");
Gelöscht : user_pref("CT2269050.serviceLayer_services_searchAPI_lastUpdate", "1351016072495");
Gelöscht : user_pref("CT2269050.serviceLayer_services_serviceMap_lastUpdate", "1369402077190");
Gelöscht : user_pref("CT2269050.serviceLayer_services_toolbarContextMenu_lastUpdate", "1350315466577");
Gelöscht : user_pref("CT2269050.serviceLayer_services_toolbarSettings_lastUpdate", "1369402077357");
Gelöscht : user_pref("CT2269050.serviceLayer_services_translation_lastUpdate", "1369402077345");
Gelöscht : user_pref("CT2269050.settingsINI", true);
Gelöscht : user_pref("CT2269050.shouldFirstTimeDialog", "FALSE");
Gelöscht : user_pref("CT2269050.showToolbarPermission", "false");
Gelöscht : user_pref("CT2269050.smartbar.CTID", "CT2269050");
Gelöscht : user_pref("CT2269050.smartbar.Uninstall", "0");
Gelöscht : user_pref("CT2269050.smartbar.isHidden", true);
Gelöscht : user_pref("CT2269050.smartbar.toolbarName", "DVDVideoSoftTB ");
Gelöscht : user_pref("CT2269050.startPage", "userChanged");
Gelöscht : user_pref("CT2269050.toolbarBornServerTime", "30-5-2012");
Gelöscht : user_pref("CT2269050.toolbarCurrentServerTime", "24-5-2013");
Gelöscht : user_pref("CT2269050.toolbarLoginClientTime", "Sat Mar 30 2013 20:10:29 GMT+0100");
Gelöscht : user_pref("CT2269050_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gelöscht : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Gelöscht : user_pref("extensions.BabylonToolbar.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar.babTrack", "affID=115308&tt=3512_7");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hmpg", true);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "647c5eca000000000000b2004ed50709");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15583");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1219:21:28");
Gelöscht : user_pref("extensions.BabylonToolbar.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1219:21:28");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=115308&tt=3512_7");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1219:21:28");
Gelöscht : user_pref("extensions.incredibar.admin", false);
Gelöscht : user_pref("extensions.incredibar.aflt", "orgnl");
Gelöscht : user_pref("extensions.incredibar.cntry", "DE");
Gelöscht : user_pref("extensions.incredibar.dfltLng", "");
Gelöscht : user_pref("extensions.incredibar.dfltSrch", false);
Gelöscht : user_pref("extensions.incredibar.did", "10643");
Gelöscht : user_pref("extensions.incredibar.envrmnt", "production");
Gelöscht : user_pref("extensions.incredibar.excTlbr", false);
Gelöscht : user_pref("extensions.incredibar.hdrMd5", "143D2906A3492C95289AD25E4305F2D2");
Gelöscht : user_pref("extensions.incredibar.hmpg", false);
Gelöscht : user_pref("extensions.incredibar.id", "647c5eca000000000000b2004ed50709");
Gelöscht : user_pref("extensions.incredibar.installerproductid", "26");
Gelöscht : user_pref("extensions.incredibar.instlDay", "15687");
Gelöscht : user_pref("extensions.incredibar.instlRef", "");
Gelöscht : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1418:32:26");
Gelöscht : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Gelöscht : user_pref("extensions.incredibar.newTab", false);
Gelöscht : user_pref("extensions.incredibar.noFFXTlbr", false);
Gelöscht : user_pref("extensions.incredibar.ppd", "6666660837");
Gelöscht : user_pref("extensions.incredibar.prdct", "incredibar");
Gelöscht : user_pref("extensions.incredibar.productid", "26");
Gelöscht : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Gelöscht : user_pref("extensions.incredibar.sg", "none");
Gelöscht : user_pref("extensions.incredibar.smplGrp", "none");
Gelöscht : user_pref("extensions.incredibar.tlbrId", "base");
Gelöscht : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyX5dVgYr&loc=IB_T[...]
Gelöscht : user_pref("extensions.incredibar.upn2", "6OyX5dVgYr");
Gelöscht : user_pref("extensions.incredibar.upn2n", "92262615453743115");
Gelöscht : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1418:32:26");
Gelöscht : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl");
Gelöscht : user_pref("extensions.incredibar_i.dfltLng", "");
Gelöscht : user_pref("extensions.incredibar_i.did", "10643");
Gelöscht : user_pref("extensions.incredibar_i.excTlbr", false);
Gelöscht : user_pref("extensions.incredibar_i.id", "647c5eca000000000000b2004ed50709");
Gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26");
Gelöscht : user_pref("extensions.incredibar_i.instlDay", "15687");
Gelöscht : user_pref("extensions.incredibar_i.instlRef", "");
Gelöscht : user_pref("extensions.incredibar_i.ms_url_id", "");
Gelöscht : user_pref("extensions.incredibar_i.newTab", false);
Gelöscht : user_pref("extensions.incredibar_i.ppd", "6666660837");
Gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar");
Gelöscht : user_pref("extensions.incredibar_i.productid", "26");
Gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base");
Gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyX5dVgYr&loc=IB[...]
Gelöscht : user_pref("extensions.incredibar_i.upn2", "6OyX5dVgYr");
Gelöscht : user_pref("extensions.incredibar_i.upn2n", "92262615453743115");
Gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1418:32:26");
Gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT2269050");
Gelöscht : user_pref("smartbar.machineId", "HZC+1WGBVDUAUTVXTENBR8HCRBV8URQNW7DA0BX8GCDCCL3XPDHPJ3N/2FITYYQPFZO[...]
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
Gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]
Gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_referrer", "hxxp://search.conduit.c[...]
Gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://search.condu[...]
Gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [35511 octets] - [21/06/2013 22:03:07]

########## EOF - C:\AdwCleaner[S1].txt - [35572 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Honey on 21.06.2013 at 22:10:04,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{255F4D76-2D97-4962-8A3D-058AD48A57B9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4531C4FD-21DB-4C85-806A-68C4B9BFEBDB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AE964E5E-C560-43DE-B7C9-DBEC33B131F9}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{006B674A-8953-47FE-838B-FE0F600FF420}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{014FD6B5-CBCD-4F2F-940D-D3D056ACC676}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{01777441-B746-4561-9BAA-277115C01268}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{04593739-801F-4E07-8036-80E2E16E35B2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{05904F62-BC76-4FF5-BB2B-6610A11A2B96}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{07977B6E-703B-4AF4-B85D-94F3E7404D72}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{07B24779-6DFC-498B-A0DC-BD2C853DE7A0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{07D8DB37-8312-48EB-82A6-7D79BA231951}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{08602851-9B7D-4F3F-9B43-C1F38EF086EA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{08606F8B-2EA0-449F-9486-E39C67EE367E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0926861A-D6A8-4DAC-B75D-9CEF99D30699}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0931563C-4082-4F06-B75B-4964BAC7D500}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{098DEC51-F5F8-46DD-9B85-689920840BF8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0AAE93F8-9D7C-4ADC-8DE3-455DD93939F8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0ABC52D7-DEFE-47AA-9C26-0067FFB896AE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0AC069FB-B64E-4C07-BC6A-9A6BA2AB1719}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0C96F893-E9CB-45FA-BBE1-10BFE5465202}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0D5EB7EA-9BB8-4031-84FC-4458ECEC7BAB}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0EEB2F8F-6C01-45A6-B49E-0BC83B6B0806}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0F785BC9-4AAA-4B42-A8DF-5CC1D808D8DC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{0FB8B734-1EE6-40DD-B1E5-7444D83AC3D4}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{102A824A-C5B0-485C-91FC-19004598F688}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1056D527-3ECF-44D1-95DB-BF46A2D5A4D9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1099E087-1062-4F56-8BA3-286C1A0BC424}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{10C67176-C100-4144-BC9B-3DE30686C77D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1120F3BF-CB4B-4193-97C2-0661E7263B8F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{12C0D9A5-EA53-4DD2-B920-445510149D95}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{12C9521E-81E9-40B7-8AEF-4EE7157578C9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{13576A79-86BB-4F2A-AB1C-874E86842CF2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{136FB32B-40B5-47E3-9736-3EB733D87F5F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{137518A5-BC40-44D8-BE6D-C44CF6375A5D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1407146F-D740-47EA-AA9F-798714773018}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{14A07717-F28E-4DDC-A709-CFB9D459AE67}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{14E69EA2-8725-444B-B324-1B05D257AD21}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{14F7005D-DD24-490A-939F-E29792C489C0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1571F789-79D5-476D-A852-2492EEE32299}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{15F52451-A5FD-465C-95D5-6E10B8C25742}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1627966F-F0E8-4231-B1D4-543C97BA3371}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{166675C4-1EA9-4E23-BFB3-079811734384}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{172738F7-5FDC-400F-9A07-8C4775E93362}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{17BEFA29-E056-4CBA-841D-C3B644991C06}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{17E7EB51-C715-4EF9-8DD3-3322456697E1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1846D32F-1249-474C-8C8D-918B88D6E55B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{18FF1758-E0F4-4F68-9AA2-D773E3F57962}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{192C74E4-1BFA-44F0-BDD4-81E41AFCB517}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1BBFAAE7-B9BD-47C2-AA2A-1EA194DBD5C6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1BF71C9E-EAC4-43A6-B602-7C84C22D9D96}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1BFB804F-67F6-4E3C-9FB8-B96E97B0999B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1C888350-403F-4C3D-82F6-E788BCB0062C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1C97487E-CB94-4673-B3AA-8A2ADA9ED5CD}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1D0DCBA6-E97E-4EF0-A3E6-E680455FD65A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1F9FD103-DDA8-457B-BB4F-3596BA4CBE3D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{1FAA9314-BCCB-4EFE-A50D-BFBCC09F0D88}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2150F445-EE9E-474B-81F6-994DFBE532D9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{215E3A20-5214-45A5-A650-7F0882FA9666}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{21A68668-E5BC-4902-B995-3FF2747C8B66}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{22F929D4-3994-46B2-BBE6-0EB8D361607E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{23935914-99BC-4E91-88E2-010DB808005E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{23A2EBAA-5757-4983-A4BD-D2E008999D3D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2409A3E2-74E7-46DF-BFCF-788A146F7E9D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{24233ED2-045D-48A8-BE69-C2DD10A8FABB}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{24E6302F-E006-4712-874E-B6E5340A6309}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{24EF72D6-C9D0-475E-8FD4-CA76AD6DBC83}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2571D80E-5247-41BF-AFDA-43912B43687C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{257D5A11-195F-40D5-812E-7532577B694D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{260A4F58-4391-49E0-BD6A-D31F38360A68}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{275C715D-0A60-4E08-A3F1-F31177F0BD44}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{27699CFD-8E0D-4630-84AC-5255C89F5A48}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{27B68C56-901E-4E30-993B-E5DDBB4F8D3E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{28A0730D-DFCD-401A-8350-111362171223}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{28C23EF7-4041-4329-87E2-B380668035EA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{28DD146F-2C8F-4A78-8D71-6F8486A29A34}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{29DE3457-511B-45B8-9BC6-366B4B616D4A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{29DECC19-704D-4BF6-9DB5-83F7EDA33966}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2A22724A-7660-4AA6-8152-EE0AB7133D3C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2AA06258-D54A-4C05-ADCD-0F191A924AA3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2B981CC1-2B6D-44B5-9B36-472241D999A4}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2C792F41-CCBE-453F-BA75-BFE331183889}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2C8B84CB-D39B-4547-AFAD-71E7479D3C67}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2C983184-5B79-4B67-80A6-E45D09B059A6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2D00EBCD-5D84-41DC-898A-0D210408A6D4}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2D6B5F02-FE9D-4854-90AA-D0488A5E6CD2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2D9566C5-0F63-451E-870C-32AA160A2690}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{2EB7CCAA-999A-49EA-875F-523E18434F1E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{30133513-F30D-45AC-9EEE-581E9AEC9F5F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{30A1A278-B267-4803-B22A-1A14E75C45BD}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{30DDF185-76C5-48F0-91A2-B98D4E1FE4C9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{318129EC-FBCF-43BE-B6ED-7DA6DB2C22F6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{32A696D3-2E29-4458-8A7C-E71521B68ADE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{332EC02D-58B3-4430-B766-4351A062050B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{33BBE3E8-BB34-4DC6-A236-BC5B314DB515}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{33D80DE0-6CCA-4D2D-956E-3A53A2BA7162}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{340F8492-F4A3-4F4F-A81A-934D03782C04}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{341DB276-408C-4909-9841-182AAF765F72}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3506969A-E5ED-4663-9BA1-A1AA3C239290}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{36988AC2-5D26-4567-A0D9-3FCF01114BC8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3699FA09-0BCC-4F95-9346-20E6DCE88301}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{36E8EBF3-EFB9-486C-9352-901621BAD862}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{37663111-15E7-4795-BA6C-E4E7EB59C651}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{387F0ACD-A811-4DF2-894F-73BC8356AD87}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{38AD1B46-1B01-44E7-912D-F8EF60F86131}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{38D15D02-2FD6-42CD-9DB2-163FEAEFDDED}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{39D3B3E0-5622-4363-B822-DBC4299AE7A8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3A8AA435-FE1A-4BB3-9DDD-866A3607B688}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3A975F98-6270-4CB5-8CCC-5573C7612283}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3ABA3F2B-DBF2-4216-B65C-5F2468A56315}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3ACB60C6-77B0-406B-8DE7-294977065FA1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3D3B7FBA-B013-410E-A875-2EDC6D3ADF32}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3DD69051-714A-4225-8FE8-A5DEE8A4FBB1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3F391B62-DC6C-4DB7-BD03-B8A4712E0F1F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{3F3BA553-DE52-496F-9E82-B02408A5F9E0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{40848F26-8195-4EE8-8A62-0184392D1DD5}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4183A755-FE33-4F18-96AF-A46BA40B1FBB}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4443E333-3B02-45FC-9ED9-82F9208E475D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{44AD2C7A-9691-44BF-A0D0-CBA33C860780}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{45C237E8-A801-4C56-80BA-485EFA0B67A4}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4676A339-5B60-442B-8664-62760DD88AC8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{46829BE5-205D-4EA9-9F93-8CD8C0D9E739}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4699F3B6-0CD5-4F9D-AB5F-97F14D5B89DC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{48223C18-EC3C-4DEF-8B45-66377B330929}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{487B7258-0962-4C6B-BC7C-D46AC61E63F3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{487C0945-DD8E-4164-936E-26F1EC7E0520}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{487F05BA-6569-4E11-AD09-F985A2524411}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{48864810-3C54-4A3C-B7DD-AC14DFE36FDB}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4991BDB8-1A1C-406B-A5A0-4C75FD929BF8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4A172D7C-7F7B-4E7D-993A-00CBC11EFFF2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4A3F78BF-A101-449D-9A4D-B8F9A61EF1F8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4B406DB8-A61F-4EDA-8637-8A5999DD7256}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4BE07484-68F0-4942-A10C-FBC3492C92AC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4C865BF3-233B-4DC5-8724-6695EB4BCD3D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4D02A6EB-B472-45D7-910B-7AA733C413A1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4DB70329-5221-49ED-8D90-588BF286E1F3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{4DD3EC7F-8C14-46F6-BE9A-B0A9C189BE57}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{501F062F-A0D4-472E-AF53-83501F0673BF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5167CE9C-4B0E-4612-BAEE-36A529FCB75B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{51871D53-1D98-4F4A-B54B-F36892D1D0A8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{51B186EB-5C71-434D-B190-2E3E6C1119B9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{51D9CA5D-800F-4329-9539-9F5C7D4A037B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{52F3C15A-3EEE-4165-A3F9-A2D9935C58FF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{534AB995-F077-4F3A-9C62-9F03919328DE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{545FA90A-B756-472B-8F0F-3D886674E815}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{54796308-B7C5-4DA8-B254-ED2392F81228}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{54EAF276-99C0-4B47-92EB-0B0302C4695D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{555B5C78-57E5-4E33-8145-D4C8BF690277}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5589B30A-60AF-42AE-A186-3BD3BF98CDC7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{559EF974-B538-42B5-89BB-171C39AEBDE4}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{567486C6-28D8-41C9-954B-F316BED0A99D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{57CC476A-C1FF-41AF-8157-34F19CE51197}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{580EB522-F702-49A8-87A7-343F1D48D4C0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{58E34167-5C26-4861-AD49-6C0241B42DF3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{59C3214C-EDB8-491A-9719-0609E5478EE0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{59F17B85-0672-4DDC-A098-722D93089D75}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{59FF6FF7-03A5-41F7-B1B3-1E376278092C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5A4B2B9C-3457-4AB5-A4B0-314A2050E571}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5A8BAE09-E42A-4B59-B9CA-A5492A2006BC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5AAB6B3E-3D43-4A0C-8602-8ECA340E99AA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5B8ADE80-B6CF-41D6-B0DC-D48316A07013}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5C66D255-41E4-4416-91F1-6C521DC84DC0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5D0893BD-BE37-4CB4-8212-8657C49B2D78}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5D9F5734-1A83-48FD-B425-82A49218EADE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5F48B627-989A-4694-9B38-C2144BDBA586}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{5FD7650C-AA3D-4418-A0B1-C0A966837DD2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{60759518-B4D5-4C4E-8139-5B333BFDC28A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{621968C6-C902-4266-B30B-B7A18FAE931D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6227B51E-A757-4004-8D9B-3612922247CC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{62E9F631-03A0-44AE-89A7-D7D403BBADB0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6421C6A1-EC96-479F-ACE0-3C1C25F671E8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6436D35B-6A56-490B-BF07-0686A92061A9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{64D8EF03-71B1-487E-951A-E54C41784943}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{64FD1C2B-7247-4E79-A6C8-B713F854DB37}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{668E5164-105F-480A-8255-37F8BB03E57C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{67DA00D8-7653-45A2-B06C-2F8E6D6BF639}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{67EACE2D-B232-4F0F-981E-319703349CD2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{67F3D753-09E4-49CB-A16D-B0053FA53F7A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6A7C8668-20BA-4358-8243-756ED6E9B53A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6BCCAA6C-F027-46CF-A960-CD4F2D1E5B1F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6D8CBF0C-BF30-462B-ADD3-FEBB7B446C17}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6DB0379D-E475-408D-9404-EA6A853EFF19}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6E049274-7B37-4202-96C9-8496F34BC6E0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{6E29598E-58C1-4B0D-B37D-6C13C999F80A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{70325646-4204-4ACC-AE30-7F00E54E8399}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{70D54D07-EA8E-494C-850F-AC9A516E5114}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{70E5AC06-7AD7-46E6-A0EF-AB8FE8CB8623}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{710C1892-902C-4D3F-8D1B-0E9C26E7D16B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{711CBD05-2F36-4FCB-8259-A13D20B7F747}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{711F1848-ACDE-4993-8548-08610850A0C3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7179B9FE-9C3D-460C-BE55-A1448CE38EB9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{71E6CC78-7174-4DB6-9FA8-C342FD47AD8C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{71F82577-7A1A-4D67-96A8-8E7D3B9680D2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{72447F2F-52AA-4210-A5B3-8D0D5E089DAC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7298447A-BB49-4091-B62E-2E2D2C0819A8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{731CE251-1898-4C8F-89A3-56E7BC0752A1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{74845ED1-DEEA-4CE9-93C2-8F68ED827698}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{75105D18-0471-4589-AE22-A16E423865C3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{75D2DB03-0A7E-4578-9E90-29EC62A7B2A8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{75D8C19C-E606-405D-8622-448C91A354B1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{77911A46-62B4-4163-94DE-1868C04F0A03}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{77FFE1CF-1C48-4D9E-8C9C-488EA4073D97}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{790D9645-37DA-416B-919A-4C40AFCD5769}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7A2C954F-9CB3-46E9-94C6-A27FF85977A2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7A78679B-3298-41CA-A1A2-3A81D724F08B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7AECCB97-CC80-4159-AF3B-3369513A6EDC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7B668D18-E4FB-492F-A0AD-ED40DE4FDC03}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7B9DA810-9D5D-4930-BB23-E620F202070F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7C5E3909-EEA6-4731-A948-DA3C01CE5045}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7CADB271-E3D7-447D-8FF5-B2C5C109E6DD}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7CD85B5D-7A93-4F88-A594-97122D2FCE70}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7D0C6675-906D-4E41-8BA2-0D37E21818AD}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7D2D1D49-FBEC-4612-9A28-542086275E12}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7E0802D5-AFC7-41F2-B37A-EF0BFC992B9A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{7FF49A01-A54F-41CC-817B-7D5E33CE248D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{80814280-28B8-4305-A106-16CACC722160}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{829BA643-15FB-41EA-AE7D-0E66BD3A3059}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{82BBFE55-77DE-48C5-BF68-93BD0184319E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8309A7D2-08BB-422E-A33A-88BB0ED54941}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{846685B7-089A-419A-89EF-C4DD82490A87}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{84DD76FC-98E6-40C4-BFB9-FA015A26E758}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{84FAB17A-4D65-432D-AAC8-B7FD71A1891B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{85577F89-3C7D-4F57-AB38-034577B898E1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{85D09CFF-A922-4677-9081-5B4A752CA644}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{85D50B6B-8F30-4370-AB65-FA805FA3F452}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{862F5D07-4C4D-4588-912B-6B62208CEA8D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8646BAB0-E97E-4135-999A-82A960A00ACE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{86CD0AB6-C1DE-4909-B5D2-0DD8D1EBBDA7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{86EA17EA-2236-4FB8-82CC-5E72D5FFFF3E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8713D5B7-0252-41F0-9A8D-0206E18D39B0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{88051B9B-6D28-47B0-BEA1-B637686E1713}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{884363A4-7541-45AF-AA60-E26661A20FCF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{886D0E2E-3963-4D5A-A620-0E9129A8DBA9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{88846A07-6FE3-4AEF-B49F-3AC528ADF6E4}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{88D559F7-9B3B-4F1F-AD4B-42D98F644B59}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{88E64D59-2AAB-41FE-87CD-DF6D90A0AE59}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{890D9D77-D7AF-4EC2-B702-07CF5D04998B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8AEAFD0D-FF5B-4A6F-967D-06F6F7910209}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8AFBEB7D-0936-4B07-A967-D452FC1248D2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8B1B2129-60F9-4E8D-A9E8-5F6E0F2A237F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8B2ADFD6-89B3-4782-9F22-2200CE85CED1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8BC35617-870C-4936-AF51-052C4D700834}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8BEECC47-F5FA-4A2C-B403-3878D554954D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8C0AE35C-55F4-4FD3-B2A2-369964455424}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8CC48682-BAF7-4684-A9FE-D944CD0BF322}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8CD11939-15AF-4885-9C22-45B87037C511}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8F119F19-889C-43B1-BDFE-6B595FF0CD4E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{8F563251-6B34-4E71-B535-5BAC9B511030}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{90286BEF-B8B9-464A-B89B-AE210DC7AB11}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{902D2809-8DD5-44F8-B867-E1A563E099AF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{91943A37-5F47-4CE5-95F8-C13CB30487D2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{926F12EF-FA05-4E55-9ECC-F1943C312E2F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{92A17781-F2BF-4A98-8386-1B4A6CACD55B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{954FBDC9-A999-474E-8689-B1ED189D8D5D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{95639DBC-3493-484C-A12E-2FDF21BD1560}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{95C1FD7B-4086-4773-A86B-343721FDE8B6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{95ECBCB1-BA8B-4665-990C-9F0E86EA60F2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{96D07403-781D-45D5-AF51-D85F9C59EA79}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{978BACF1-34BC-4277-988E-E6DD7C49C579}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{987A9BCB-9BAB-49A5-97B1-E1C477811711}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{98D04428-672B-4B26-ABF3-509257ACA2D1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{98FA64E2-E18F-4650-81C9-52C40663F13D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{99424DEC-1B9E-4CF7-981B-13DA2FC7CAB8}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{99789EDF-A12F-4680-A75B-8EE49B3CE0B3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{99D19FC9-AAC6-4E46-9A48-9382B72A7B0E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9AA80139-8BC9-4028-9F0F-3A7C5F0D4143}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9AAC6E95-BAB8-45A2-A5C3-2DBCAE3272C2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9AC5F6A1-DB18-4466-A4F4-8909617E74CA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9ACC9E8D-1D77-4B79-9A65-3E710415D302}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9C919D36-4A26-4693-B7E4-825095BEE8E6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9CE71464-EC9D-41AD-9BF2-15601D27F574}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9D7D5438-5354-41A6-8425-70500CF251D1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9DBB8381-4136-4599-AE5A-9ACA97A4999A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9E8522F7-318F-422D-BB94-F0633C2DC737}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{9EB1C533-CA03-4512-8395-88CDA98B033A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A0129634-CECE-4639-86B3-7710B9D6C894}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A121422A-1F5B-4766-82FF-CE0DDBCFB229}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A26679FA-21DF-4BDA-9200-F7A920783ABF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A389113D-5D5F-4B07-B03B-D65181D1B09A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A47EEF48-E539-4891-9766-22893393714C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A48AD1EC-07BC-4E95-B7D2-25699E190F82}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A5A9C023-F493-4228-B2DE-7733DDC36B3E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A5ADB1DA-271E-4DC7-ACBC-7E0C0094AF9D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A5B1598C-76DE-4CC4-B294-0F79BBC349B5}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A5B84D71-04C7-4E25-BF12-57CAB7998039}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A7586A81-DA56-48D8-9A9C-3B7A16B42D89}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A7ECF48F-AD42-4FD0-BCE8-C109044CFB2E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A85A67BA-DF02-41D2-835C-FE37113B41ED}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A8F8A06B-7D3C-423E-9373-A22C75AB3CC4}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A9367B4E-6748-42D1-AA70-932C4EE61866}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A95425AD-37D5-410F-8F35-3F928D9AC075}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{A9D4C11C-7B4B-4CCE-B7BE-334F11316EFE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{AB78D521-E9D5-4E4B-8291-20AB31D499C2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{AB9406B8-7223-4B5D-96F3-B11132FBC967}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{AC218DC7-A7BA-4942-BF23-E46E2F2B6719}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{AD062183-88B1-4C46-8D3F-8E2E2658E339}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{AD1AD737-0ACA-4A90-9E89-C7D5812B7F4E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{ADB5675A-2C20-4960-8EAB-2DCA81D8899A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{AFC38D81-93D8-4693-B132-1F62226F051E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B1954627-E232-4BDA-948A-E60141C09BD0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B1DD1988-E80D-4320-BE5B-85797E546D47}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B263A3F3-1CBE-49E7-A71D-04A28B8B8BA0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B26F4C52-546D-481D-A6D3-9EEB4E3CD84C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B2AA3F07-8C02-4A3B-AE03-2A64583022BC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B4B4C27C-DD9C-4449-868B-78E150B1C18C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B7045020-DA3E-4DA3-A05B-100B9AF14D46}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B7145E9B-7E28-4FE1-A737-317858DF0285}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B79446AC-B7E2-470F-98FD-77CD5C4B98F1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B85503DE-F662-4EB5-9000-C41C98832682}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B8DF679C-6023-4561-8C7F-09EEC899341A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B8FA846C-6895-4389-AF55-9AF995492A89}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B94672ED-6DAE-4B6F-A021-7EFACB59D8D7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B9517D48-C962-45CF-AC02-50E74753850A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B990F74E-C3E9-42E6-990E-86A92F7D3888}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{B9FFBDA2-743A-4921-9D30-E89F5F9AAC62}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BA4FCBC3-3A79-49E2-8517-6229A5450E40}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BAB5E075-C65B-4293-9CC0-5F1D52E53C1A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BD1E7851-F7DC-46BB-8298-17AE5D569627}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BD7CEB09-5C37-4FA1-848F-3D5D8FF50DA1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BD8DC7A3-2F35-4154-94DC-213E3BEC29EC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BE2B76FE-1192-439E-9934-680C0251F20A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BE5B6044-C98D-4D7D-82EF-015C2A1B28E3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BE9C6275-DC48-4F62-A959-A07754802705}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BEF3460F-BD65-489F-9C63-0F1B29C903CF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BEFA865C-347F-42AE-A91C-45E1A1387FCD}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BF2A5C11-47A4-4A82-9E9F-6A05D2EC1F03}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BF44F3EB-9FC7-4570-BA80-B633654208F1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{BFBBC236-9CF0-4481-8843-E1A7C49A3321}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C09C195A-19C9-4E4E-B86A-A3AB9FD24348}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C1147CC2-27E6-4C84-88D3-9CF512DDBC65}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C36E0347-22B1-4930-A1D9-C9E903DBB75C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C4A4C0C0-C511-4956-BEAE-4EC3669A2C6F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C56B4580-35BB-4372-8505-9F41D2DF239A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C616EE18-887C-4457-9C57-78B3E32CAF33}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C688C4BD-6E11-4344-AD24-BE2686F972EC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C69C325B-A781-4E60-9CFA-143E6191C571}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C73D84D0-477D-4F24-B64B-D875465DBA29}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C75D756A-81E7-4EB9-89AA-AC5104E4C5FE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C7901047-4941-4988-B051-AB3BCEC3C572}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C977CF31-0771-445E-B641-E9B3E1A4B529}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C9D470AE-DE4E-4AEC-A092-4327B0F6C082}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{C9F60CE4-9E9B-41D2-94C4-16DC52CB36B9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CA3ABD5D-002B-4DC3-8296-DCF7EB1A7E18}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CA84D016-E883-4269-99AC-7F055DC00587}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CB6AC867-3C6C-4439-961D-7B7B881D3E4F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CC5B69AC-82B6-4772-B392-330D8AF949CD}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CC844CA9-1D40-4E49-9284-CDB6AABBC8F2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CCBDC26A-D697-4130-B9DB-071317E9DE5F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CCC3CAC1-7CAC-48B2-948F-B5B1612422CC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CD0603A9-7097-4709-AC3E-8B689AAA26A7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CD3100D1-59E0-47B5-9F87-1C4D09908C08}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CD486C0B-1214-4BAB-8726-538A56345F20}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CDBB24A0-8040-47C7-9495-AA923D74AF73}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CDF93B35-A2B7-4CEE-ADF2-0A51C4BF4BEA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CE8306DA-A37D-44DF-AA07-D36DA1F7E9E3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CFA16193-9DFB-4B85-81EB-656284265EAC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CFE2C955-079D-4EA0-A48C-F87E09AFFEB5}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{CFEB174B-9F30-493D-88FC-E26BE0B83C14}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D0352CDD-EDA1-4DD7-8CD9-80E6F6504596}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D0E52952-1315-4627-8F18-B02E5E8B6B4C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D1A99E9B-41FE-43C6-B106-9F8D209DE316}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D1BBBE4D-6826-4D1D-A95F-0C9CE6DB8C22}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D2DDF39F-7457-49A1-8F8C-6744CECF10F6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D3149C65-3EB2-48EA-907D-E0246715D3AF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D45CAB6F-194F-4EE5-AD79-0C2355F75ADC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D4AC86D6-9379-45BD-A91B-D2DC4DE3D987}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D77BB09B-13F9-473A-BBA4-C35B28508CE9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D7A92261-6656-4454-8317-D5A37BC8FB60}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{D9E2BA43-78DF-4941-A96F-729AC3738837}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DA3FD28E-2D74-49BE-B693-37DB0F9DA7AB}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DAFAEDE1-35D5-4006-9595-E820EF760CF5}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DB143501-7D14-46CA-9227-81A087E89F93}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DB19486E-15AE-4013-9983-A9872738EC6B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DBC965FF-CDD8-4C18-BD70-CD57E3EDE5AE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DC2900B6-4B81-4EAB-B30E-09533F389922}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DC33D759-0161-44EF-BA5E-8939B446D28D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DC58BE03-F929-43F5-AD38-C09CEF5476C6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DDB65542-F6BE-4E5E-BDA1-EF8B28581CBD}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DDC2C81B-EE66-48A0-A08F-928713873E5E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DDEA4E03-E439-4635-9278-4DFDAB7AADBA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DE7E1B35-0B55-4C17-A35E-D7C729DE2DE7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DE991B12-A79C-401C-8D38-67E5B3FE1752}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DEDAB693-7BD1-4150-82D3-1974E6DB27F5}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DEE787AD-2CC4-47E8-B7A1-0D298678948A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DEED4F82-288D-4F3E-8565-64A8DCB1434A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DF116171-A960-4EBD-A9B8-477F47A306F7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DF5A1A76-0387-4AF8-B4BB-67F2029833A1}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{DFC3E249-8833-4D58-AB67-6408FBB8B346}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E03DEA08-07C0-4AAE-AFDA-39D85AA2604E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E101F22B-AF01-4CE2-90E4-3F39069BAEFC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E11A2060-2DD0-4759-A5BD-810265E1C2EF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E160356C-B1BC-4EB0-AB0D-7A1EA78A5DA3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E277FB1B-3190-4803-90FD-3952F233B6DA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E2D7CB42-6CCB-4EB9-86CC-67DDC27766A7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E38C0CBF-C77D-4AD7-B630-52DA976A7FD5}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E465845E-C42D-4D64-BB8B-ABB3ADE62CB2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E5704F51-57B6-49DF-938D-EBE2F2BBFC6C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E6512AE5-3AEB-4D90-974A-0BAB0392822C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E6938A61-87C5-4445-BCCF-2AB70FEA14D3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E7470FB8-D04B-463D-A480-CA792659B110}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E8180F7A-C122-4DD8-A919-FBCC75B11DB9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E832EEA8-A4B1-472F-840B-14F9572EEC0C}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E8D9317D-217A-48D6-8A5D-F4492BCFE395}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E9A3DF40-E6EA-4E32-8D2C-7F4323482A32}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{E9D0962A-1F16-4DA1-8602-6C951F2299E6}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{EA9E02F4-3477-4F3F-97BF-FC70125A6660}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{EAC1C630-ED67-47C2-AD1C-327228A1E0CA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{EB340872-D0E9-4AA3-B46C-8E1A9C719875}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{EB77C94A-197C-400A-8120-63A2F3F87117}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{ED360B6E-A4E4-45F3-BC07-315AA0FC45FE}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{ED46D861-E1B9-4D11-BE9A-A40A2989ABA0}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{ED4A70D4-24D7-49AE-82FD-C87DC7C2552E}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{ED681233-FB39-4AF2-8C65-147B73AA4972}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{EDE423DB-3E5E-49DE-9A53-1BDD86FA3FD9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{EE5845B3-084D-46A5-98E3-62C68D70D10F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{EFC06C23-75C8-46EC-B781-C103CB446C1B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F13F8571-439A-41A8-960D-B3A503FAF417}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F1411FFD-0068-4013-A3D2-B951685C57CA}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F15AE7AD-9DFB-43BF-91C5-3E1D148785EC}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F1BD703E-0B59-4423-A827-3CDD661ADC7F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F20838E2-A049-45A7-947A-460686C7CBCF}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F42863DB-C42B-4646-B385-7290EA6BFE13}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F450BFA6-229B-4040-944A-FC37BF989E8A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F56B1C49-577C-46CA-BA34-CB0A578F551F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F5B2044C-8D04-49E9-830D-2F0438926726}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F606709A-69DA-49F3-88C5-5F48084A681F}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F607060C-CE52-4595-BAFE-D14C2534F24B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F6614D3E-2F0F-46E0-BC44-8355FE904119}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F6A617C1-6C86-45E1-A084-335BD9833850}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F70EAB7A-33FA-4DB4-93D8-0DBFD6D44CE2}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F7185C82-19C2-450D-836A-30DBC978764D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F7610399-2CAD-4550-9699-CDB70E3F3F11}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F7C707EA-3D5D-4903-B73F-1D00406ED9E9}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F82A44C8-D0A3-4085-976B-A486AB7FE0F3}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F8ECD287-55DD-4EC0-8329-D57F1BA49398}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F9052D6C-9565-429F-A06A-D59EF33ECDD7}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F927925C-C23B-4BEC-92C9-CA389F71CC3D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{F9FB7E0E-5803-4973-BD53-B59F75AABA01}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FA15BABB-4149-41DB-80D3-AADBF57B342B}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FB940012-AE46-47A1-9203-66A430316764}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FBAA7581-965D-4DBF-BC20-AA113936B231}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FBDE20FD-6A93-4650-8A06-6221348CE210}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FC631970-C7DD-4C29-9D5F-FE7A4EABE65A}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FE827031-84C7-4F68-8ACF-CCD1E4E54033}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FE94CE00-FF00-4B75-B0ED-4B9918358C9D}
Successfully deleted: [Empty Folder] C:\Users\Honey\appdata\local\{FF27C1A0-990B-4342-A452-458CAE224079}



~~~ FireFox

Emptied folder: C:\Users\Honey\AppData\Roaming\mozilla\firefox\profiles\ef40seh2.default\minidumps [34 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.06.2013 at 22:13:56,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=24bfc878ca17db4f9ad958bb2ce3a521
# engine=14129
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-21 09:56:05
# local_time=2013-06-21 11:56:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=1799 16775165 100 96 10705 10901 3371 0
# compatibility_mode=5893 16776574 100 94 11354 123481615 0 0
# scanned=179891
# found=0
# cleaned=0
# scan_time=5697
Code:
Results of screen317's Security Check version 0.99.64 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java(TM) 6 Update 22 
 Java version out of Date!
 Adobe Flash Player 11.7.700.202 
 Adobe Reader 10.1.7 Adobe Reader out of Date! 
 Mozilla Firefox (21.0)
 Google Chrome 27.0.1453.110 
 Google Chrome 27.0.1453.116 
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

sunshinebabe 22.06.2013 11:03
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013 01
Ran by Honey (administrator) on 22-06-2013 12:01:12
Running from C:\Users\Honey\Desktop\Neuer Ordner
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM\...\Run: [Ocs_SM] C:\Users\Honey\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-06-21] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0A80D7BF-07CC-4958-9079-2B36C6BB7ABD} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {1403280C-18CE-4AD4-AB3C-295328CAF2C9} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {48BE0315-EBE3-4B1A-A35C-DEAD5173F8F2} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {49E85B81-420A-433D-BA61-74837D73D5AE} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5DC9231E-3F2C-4460-87F7-7873EDF0303C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {AEBDF6EB-D307-4CBC-BDF0-8074A44A4AFC} URL = hxxp://services.zinio.com.anonymize-me.de/?anonymto=687474703A2F2F73657276696365732E7A696E696F2E636F6D2F7365617263683F733D7B7365617263685465726D737D2672663D736F6E79736C69636573&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&k=0
SearchScopes: HKCU - {C50DE191-83F9-47BA-BB0F-81D68CE35AC7} URL = hxxp://de.shopping.com.anonymize-me.de/?anonymto=687474703A2F2F64652E73686F7070696E672E636F6D2F3F6C696E6B696E5F69643D38303536333633&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&k=0
SearchScopes: HKCU - {F66BE474-53C1-47C8-AD33-CB746FDE3287} URL = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F3730372D33373237362D31363630392D32312F343F73617469746C653D7B7365617263685465726D737D&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&k=0
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Extension: (Logitech Flow Scroll) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.8_0
CHR Extension: (Ad-Aware Security Add-on) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\phegaokedjdajgnfphbnpkcfdgjbidko\1.0.0.6_0

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-06-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-06-21] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-05-24] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-06-20] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-21] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-20] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-06-21] (Avira Operations GmbH & Co. KG)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-03] (GFI Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz134; \??\C:\Users\Honey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-22 11:52 - 2013-06-22 11:52 - 00083160 ____A (Avira GmbH) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-21 22:10 - 2013-06-21 22:10 - 00000000 ____D C:\Windows\ERUNT
2013-06-21 22:09 - 2013-06-21 22:09 - 00000000 ____D C:\JRT
2013-06-21 22:03 - 2013-06-21 22:03 - 00035508 ____A C:\AdwCleaner[S1].txt
2013-06-21 21:57 - 2013-06-21 21:57 - 00033608 ____A C:\ComboFix.txt
2013-06-21 21:27 - 2013-06-21 21:57 - 00000000 ____D C:\ComboFix
2013-06-21 21:00 - 2013-06-21 21:00 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\ProgramData\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-21 20:57 - 2013-06-21 20:56 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-21 20:57 - 2013-06-21 20:56 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-21 20:57 - 2013-06-21 20:56 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-21 20:54 - 2013-06-21 20:54 - 02092792 ____A C:\Users\Honey\Downloads\avira_free_antivirus.exe
2013-06-21 20:23 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-21 20:23 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-21 20:23 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-21 20:23 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-21 20:23 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-21 20:23 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-21 20:23 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-21 20:23 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-21 20:19 - 2013-06-21 21:57 - 00000000 ____D C:\Qoobox
2013-06-21 20:18 - 2013-06-21 20:41 - 00000000 ____D C:\Windows\erdnt
2013-06-21 19:44 - 2013-06-21 19:52 - 00000898 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-21 19:43 - 2013-06-21 19:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Opera
2013-06-21 19:16 - 2013-06-21 19:38 - 00001912 ____A C:\Windows\epplauncher.mif
2013-06-21 15:03 - 2013-06-22 12:01 - 00000000 ____D C:\Users\Honey\Desktop\Neuer Ordner
2013-06-21 14:24 - 2013-06-21 14:24 - 00000000 ____D C:\FRST
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____A C:\Users\Honey\defogger_reenable
2013-06-20 23:08 - 2013-06-20 23:08 - 00215096 ____A C:\Users\Honey\Downloads\FromDocToPDF.exe
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 22:18 - 2013-06-20 22:21 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-16 05:48 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 05:48 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 05:48 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 05:48 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 05:48 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-14 21:34 - 2013-06-21 22:04 - 00210356 ____A C:\Windows\PFRO.log
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:20 - 2013-06-14 18:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:14 - 2013-06-14 18:15 - 00000000 ____D C:\ProgramData\Google
2013-06-14 09:14 - 2013-06-22 11:46 - 00002016 ____A C:\Windows\setupact.log
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 22:02 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 22:02 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 22:02 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 22:02 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 22:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 21:54 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 21:54 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 21:54 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 21:54 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 21:54 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 21:54 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 21:54 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-07 20:54 - 2013-06-07 20:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-14 08:32 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:29 - 2013-06-03 17:26 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-26 20:56 - 2013-05-26 21:02 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:34 - 2013-06-05 22:09 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-05-26 20:20 - 2013-05-26 20:23 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 19:45 - 2013-05-26 20:20 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:11 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 18:30 - 2013-05-26 19:11 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 09:13 - 2013-05-24 09:21 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 08:43 - 2013-05-13 05:52 - 00023624 ____A C:\Windows\Launcher.exe
2013-05-24 08:22 - 2013-05-24 08:23 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:17 - 2013-06-21 13:01 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-05-24 08:12 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare

==================== One Month Modified Files and Folders =======

2013-06-22 12:01 - 2013-06-21 15:03 - 00000000 ____D C:\Users\Honey\Desktop\Neuer Ordner
2013-06-22 11:54 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-22 11:54 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-22 11:52 - 2013-06-22 11:52 - 00083160 ____A (Avira GmbH) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-22 11:52 - 2011-10-15 17:01 - 02059172 ____A C:\Windows\WindowsUpdate.log
2013-06-22 11:52 - 2011-05-19 19:14 - 00697322 ____A C:\Windows\System32\perfh007.dat
2013-06-22 11:52 - 2011-05-19 19:14 - 00148328 ____A C:\Windows\System32\perfc007.dat
2013-06-22 11:52 - 2009-07-14 07:13 - 01614036 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-22 11:46 - 2013-06-14 09:14 - 00002016 ____A C:\Windows\setupact.log
2013-06-22 11:46 - 2011-05-19 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-21 22:10 - 2013-06-21 22:10 - 00000000 ____D C:\Windows\ERUNT
2013-06-21 22:09 - 2013-06-21 22:09 - 00000000 ____D C:\JRT
2013-06-21 22:04 - 2013-06-14 21:34 - 00210356 ____A C:\Windows\PFRO.log
2013-06-21 22:03 - 2013-06-21 22:03 - 00035508 ____A C:\AdwCleaner[S1].txt
2013-06-21 21:57 - 2013-06-21 21:57 - 00033608 ____A C:\ComboFix.txt
2013-06-21 21:57 - 2013-06-21 21:27 - 00000000 ____D C:\ComboFix
2013-06-21 21:57 - 2013-06-21 20:19 - 00000000 ____D C:\Qoobox
2013-06-21 21:55 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-21 21:00 - 2013-06-21 21:00 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\ProgramData\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-21 20:56 - 2013-06-21 20:57 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-21 20:56 - 2013-06-21 20:57 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-21 20:56 - 2013-06-21 20:57 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-21 20:54 - 2013-06-21 20:54 - 02092792 ____A C:\Users\Honey\Downloads\avira_free_antivirus.exe
2013-06-21 20:47 - 2012-09-19 18:20 - 00000000 ____D C:\ProgramData\AVAST Software
2013-06-21 20:41 - 2013-06-21 20:18 - 00000000 ____D C:\Windows\erdnt
2013-06-21 20:40 - 2011-10-15 17:02 - 00000000 ____D C:\users\Honey
2013-06-21 19:52 - 2013-06-21 19:44 - 00000898 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-21 19:44 - 2013-05-19 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-21 19:43 - 2013-06-21 19:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Opera
2013-06-21 19:38 - 2013-06-21 19:16 - 00001912 ____A C:\Windows\epplauncher.mif
2013-06-21 19:20 - 2012-09-19 18:26 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-06-21 19:19 - 2012-09-19 18:20 - 00000000 ____D C:\Program Files\AVAST Software
2013-06-21 15:46 - 2012-04-06 22:15 - 00000000 ____D C:\Users\Honey\AppData\Local\CrashDumps
2013-06-21 15:46 - 2011-05-19 09:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-21 15:45 - 2012-11-30 17:50 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-21 14:24 - 2013-06-21 14:24 - 00000000 ____D C:\FRST
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____A C:\Users\Honey\defogger_reenable
2013-06-21 13:01 - 2013-05-24 08:17 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-06-20 23:08 - 2013-06-20 23:08 - 00215096 ____A C:\Users\Honey\Downloads\FromDocToPDF.exe
2013-06-20 22:21 - 2013-06-20 22:18 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 20:36 - 2012-09-19 18:28 - 00000000 ____D C:\Users\Honey\AppData\Local\Google
2013-06-20 19:48 - 2012-10-23 20:22 - 00041984 __ASH C:\Users\Honey\Thumbs.db
2013-06-18 14:52 - 2012-11-30 18:11 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 19:15 - 2012-11-30 18:11 - 00000000 ____D C:\ProgramData\Origin
2013-06-15 19:15 - 2012-11-30 18:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-15 18:39 - 2012-12-14 20:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-15 18:37 - 2012-11-30 18:12 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Origin
2013-06-15 18:36 - 2012-12-14 20:43 - 00000000 ____D C:\Users\Honey\AppData\Local\Origin
2013-06-14 21:37 - 2012-03-31 12:25 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-14 21:37 - 2012-03-31 12:25 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-14 21:37 - 2011-10-15 21:21 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-14 20:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 20:37 - 2011-10-16 18:54 - 00000000 ____D C:\Users\Honey\AppData\Roaming\vlc
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:25 - 2013-06-14 18:20 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:15 - 2013-06-14 18:14 - 00000000 ____D C:\ProgramData\Google
2013-06-14 18:15 - 2012-09-19 18:28 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-14 08:51 - 2012-09-19 18:51 - 00000000 ____D C:\Windows\Minidump
2013-06-14 08:51 - 2011-10-26 20:02 - 00000000 ____D C:\Users\Honey\Tracing
2013-06-14 08:51 - 2011-02-11 00:48 - 00000000 ____D C:\Windows\Panther
2013-06-14 08:32 - 2013-06-03 12:31 - 00000000 ____D C:\Program Files (x86)\Ad-Aware Antivirus
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2011-10-16 09:34 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 21:31 - 2011-10-15 19:37 - 00000000 ____D C:\Users\Honey\Documents\Bluetooth Folder
2013-06-11 13:50 - 2012-09-19 18:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-08 16:08 - 2013-06-16 05:48 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 05:48 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 05:48 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 20:55 - 2013-06-07 20:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-07 20:54 - 2012-03-24 19:59 - 00000000 ____D C:\Users\Honey\AppData\Roaming\DVDVideoSoft
2013-06-05 22:09 - 2013-05-26 20:34 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-06-05 21:36 - 2012-09-19 18:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-06-05 21:30 - 2011-10-15 17:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Apple Computer
2013-06-05 18:44 - 2012-09-19 18:28 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-04 22:43 - 2012-09-19 18:28 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-03 17:26 - 2013-06-03 12:29 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 12:13 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 12:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-27 09:36 - 2011-11-19 09:34 - 00027847 ____A C:\test.xml
2013-05-26 21:06 - 2011-10-15 17:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\SoftGrid Client
2013-05-26 21:02 - 2013-05-26 20:56 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:23 - 2013-05-26 20:20 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 20:20 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:45 - 2013-05-26 19:11 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 19:11 - 2013-05-26 18:30 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-24 16:29 - 2012-09-01 20:51 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-05-24 09:21 - 2013-05-24 09:13 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 08:23 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:22 - 2013-05-24 08:12 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-03 00:32

==================== End Of Log ============================
--- --- ---

--- --- ---


Vielen lieben Dank. Bis jetzt läuft alles 1a. Der gestrige Tag wurde mir ein wenig versüßt ;-) Ich bin froh das es solche Leute wie euch gibt. GLG sunshinebabe

schrauber 22.06.2013 13:20
Zitat:
Der gestrige Tag wurde mir ein wenig versüßt ;-)
durch mich? :D

Java und Adobe bitte updaten.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

sunshinebabe 22.06.2013 17:54
Alles super. Vielen Dank für deine Hilfe. Falls noch was sein sollte, werde ich euch nochmal nerven ;)

schrauber 22.06.2013 18:53
Gern Geschehen :)

sunshinebabe 22.06.2013 19:04
So... da bin ich auch schon wieder. :applaus: . Ich kann einfach nicht ohne euch ;). Nachdem das erste Problem behoben wurde, kann ich bei Mozilla Firefox / IE nur gelegentlich Internetseiten suchen. Sobald ich bei Google einen Begriff eingebe und dann auf suchen drücke passiert 20 mal gar nichts und auf einmal nach 10 mal öffnen und schließen des jeweiligen Browsers geht es wieder. Es ist auch alles sehr langsam geworden oder funktioniert gar nicht. Hat das was mit meinem vorherigen Problem zu tun. Hatte sonst keine Probleme damit. Der Laptop ist auch erst 2 Jahre alt.

schrauber 22.06.2013 19:05
Lade FRST mal neu und poste die Logs, ich schau mal :)

sunshinebabe 22.06.2013 20:17
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013
Ran by Honey (administrator) on 22-06-2013 21:14:24
Running from C:\Users\Honey\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Splinterware Software Solutions) C:\Program Files (x86)\SystemScheduler\wscheduler.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM\...\Run: [Ocs_SM] C:\Users\Honey\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot [423144 2013-04-27] (BillP Studios)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-06-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [x]
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0A80D7BF-07CC-4958-9079-2B36C6BB7ABD} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {1403280C-18CE-4AD4-AB3C-295328CAF2C9} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {48BE0315-EBE3-4B1A-A35C-DEAD5173F8F2} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {49E85B81-420A-433D-BA61-74837D73D5AE} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5DC9231E-3F2C-4460-87F7-7873EDF0303C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {AEBDF6EB-D307-4CBC-BDF0-8074A44A4AFC} URL = hxxp://services.zinio.com.anonymize-me.de/?anonymto=687474703A2F2F73657276696365732E7A696E696F2E636F6D2F7365617263683F733D7B7365617263685465726D737D2672663D736F6E79736C69636573&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&k=0
SearchScopes: HKCU - {C50DE191-83F9-47BA-BB0F-81D68CE35AC7} URL = hxxp://de.shopping.com.anonymize-me.de/?anonymto=687474703A2F2F64652E73686F7070696E672E636F6D2F3F6C696E6B696E5F69643D38303536333633&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&k=0
SearchScopes: HKCU - {F66BE474-53C1-47C8-AD33-CB746FDE3287} URL = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F3730372D33373237362D31363630392D32312F343F73617469746C653D7B7365617263685465726D737D&st={searchTerms}&clid=ed596c32-4ba2-43f3-8da8-3fc2ad1c8bd6&pid=freewarede&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM-x32 - No Name - !{DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Honey\AppData\Roaming\Mozilla\Firefox\Profiles\ef40seh2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Extension: (Logitech Flow Scroll) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Lavasoft NewTab) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.8_0
CHR Extension: (Ad-Aware Security Add-on) - C:\Users\Honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\phegaokedjdajgnfphbnpkcfdgjbidko\1.0.0.6_0

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-06-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-06-21] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-05-24] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-06-20] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-21] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-20] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-06-21] (Avira Operations GmbH & Co. KG)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-03] (GFI Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz134; \??\C:\Users\Honey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-22 21:14 - 2013-06-22 21:14 - 00000000 ____D C:\FRST
2013-06-22 21:13 - 2013-06-22 21:13 - 01931364 ____A (Farbar) C:\Users\Honey\Desktop\FRST64.exe
2013-06-22 21:08 - 2013-06-22 21:09 - 00000000 ____D C:\Program Files (x86)\SystemScheduler
2013-06-22 20:21 - 2013-06-22 20:21 - 00000017 ____A C:\Users\Honey\AppData\Local\resmon.resmoncfg
2013-06-22 19:08 - 2013-06-22 19:08 - 00000000 ____D C:\Users\Honey\AppData\Roaming\WinPatrol
2013-06-22 18:39 - 2013-06-22 19:07 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-06-22 18:39 - 2013-06-22 18:39 - 00000000 ____D C:\ProgramData\Licenses
2013-06-22 18:39 - 2011-11-04 05:13 - 01070352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2013-06-22 18:39 - 2009-03-24 12:52 - 00129872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-06-22 18:37 - 2013-06-22 18:37 - 00000000 ____D C:\ProgramData\InstallMate
2013-06-22 18:37 - 2013-06-22 18:37 - 00000000 ____D C:\Program Files (x86)\BillP Studios
2013-06-22 18:32 - 2013-06-22 18:32 - 00000000 ____D C:\Program Files\WOT
2013-06-22 18:32 - 2013-06-22 18:32 - 00000000 ____D C:\Program Files (x86)\WOT
2013-06-22 18:27 - 2013-06-22 18:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-22 18:27 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-22 18:22 - 2013-06-22 18:22 - 00000416 ____A C:\Windows\Tasks\{8076563B-C4D1-4EA4-849C-3C26D028E8BB}.job
2013-06-22 15:31 - 2013-06-22 15:31 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 15:31 - 2013-06-22 15:31 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-22 15:31 - 2013-06-22 15:31 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-22 15:31 - 2013-06-22 15:31 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 15:27 - 2013-06-22 15:27 - 01093032 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-22 15:27 - 2013-06-22 15:27 - 00312232 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-22 15:27 - 2013-06-22 15:27 - 00189352 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-22 15:27 - 2013-06-22 15:27 - 00188840 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-22 15:27 - 2013-06-22 15:27 - 00108968 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-22 15:27 - 2013-06-22 15:27 - 00000000 ____D C:\Program Files\Java
2013-06-22 15:22 - 2013-06-22 15:22 - 00000000 ____D C:\Users\Honey\AppData\Local\Secunia PSI
2013-06-22 15:21 - 2013-06-22 15:21 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-06-22 15:07 - 2013-06-22 15:09 - 00000797 ____A C:\DelFix.txt
2013-06-22 15:04 - 2013-06-22 15:05 - 00000000 ___SD C:\uninstall
2013-06-22 14:16 - 2012-08-23 16:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-06-22 14:16 - 2012-08-23 16:08 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbGD.sys
2013-06-22 14:16 - 2012-08-23 16:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-06-22 14:16 - 2012-08-23 15:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-06-22 14:16 - 2012-08-23 15:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-06-22 14:16 - 2012-08-23 15:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-06-22 14:15 - 2012-08-23 16:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-06-22 14:15 - 2012-08-23 15:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-06-22 14:15 - 2012-08-23 15:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-06-22 14:15 - 2012-08-23 15:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-06-22 14:15 - 2012-08-23 15:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-06-22 14:15 - 2012-08-23 15:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-06-22 14:15 - 2012-08-23 15:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-06-22 14:15 - 2012-08-23 14:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-22 14:15 - 2012-08-23 13:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-06-22 14:15 - 2012-08-23 13:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-06-22 14:15 - 2012-08-23 13:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-06-22 14:15 - 2012-08-23 13:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-06-22 14:15 - 2012-08-23 12:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-22 14:15 - 2012-08-23 12:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-06-22 14:15 - 2012-08-23 12:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-06-22 14:15 - 2012-08-23 12:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-22 14:15 - 2012-08-23 11:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-06-22 14:15 - 2012-08-23 10:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-06-22 14:15 - 2012-08-23 10:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-22 14:14 - 2012-08-24 20:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-06-22 14:14 - 2012-08-24 20:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-06-22 14:14 - 2012-08-24 20:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-06-22 14:14 - 2012-08-24 20:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-22 14:14 - 2012-08-24 18:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-06-22 14:14 - 2012-08-24 18:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-06-22 14:14 - 2012-08-24 18:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-06-22 13:10 - 2013-06-22 15:31 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-22 13:08 - 2013-06-22 13:08 - 00000000 ____D C:\Windows\Sun
2013-06-22 12:10 - 2013-06-22 12:10 - 00000000 ____D C:\Users\Honey\AppData\Local\{CA463F89-C4C7-410A-BADD-83BCB032663A}
2013-06-22 11:52 - 2013-06-22 11:52 - 00083160 ____A (Avira GmbH) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-21 22:10 - 2013-06-22 15:07 - 00000000 ____D C:\Windows\ERUNT
2013-06-21 21:00 - 2013-06-21 21:00 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\ProgramData\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-21 20:57 - 2013-06-21 20:56 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-21 20:57 - 2013-06-21 20:56 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-21 20:57 - 2013-06-21 20:56 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-21 20:18 - 2013-06-22 15:04 - 00000000 ____D C:\Windows\erdnt
2013-06-21 19:44 - 2013-06-21 19:52 - 00000898 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-21 19:43 - 2013-06-21 19:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Opera
2013-06-21 19:16 - 2013-06-21 19:38 - 00001912 ____A C:\Windows\epplauncher.mif
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 22:18 - 2013-06-20 22:21 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-16 05:48 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-16 05:48 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-16 05:48 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-16 05:48 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-16 05:48 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-16 05:48 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-16 05:48 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-14 21:34 - 2013-06-22 19:31 - 00212476 ____A C:\Windows\PFRO.log
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:38 - 2013-06-14 20:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:20 - 2013-06-14 18:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:14 - 2013-06-14 18:15 - 00000000 ____D C:\ProgramData\Google
2013-06-14 09:14 - 2013-06-22 20:49 - 00002511 ____A C:\Windows\setupact.log
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 22:02 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 22:02 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 22:02 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 22:02 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 22:02 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 22:01 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 21:54 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 21:54 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 21:54 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 21:54 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 21:54 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 21:54 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 21:54 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 21:54 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 21:54 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 21:54 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 21:54 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-07 20:54 - 2013-06-07 20:55 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:29 - 2013-06-03 17:26 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-26 20:56 - 2013-05-26 21:02 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:34 - 2013-06-05 22:09 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-05-26 20:20 - 2013-05-26 20:23 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 19:45 - 2013-05-26 20:20 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:11 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 18:30 - 2013-05-26 19:11 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 09:13 - 2013-05-24 09:21 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 08:43 - 2013-05-13 05:52 - 00023624 ____A C:\Windows\Launcher.exe
2013-05-24 08:22 - 2013-05-24 08:23 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:17 - 2013-06-21 13:01 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-05-24 08:12 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare

==================== One Month Modified Files and Folders =======

2013-06-22 21:14 - 2013-06-22 21:14 - 00000000 ____D C:\FRST
2013-06-22 21:13 - 2013-06-22 21:13 - 01931364 ____A (Farbar) C:\Users\Honey\Desktop\FRST64.exe
2013-06-22 21:09 - 2013-06-22 21:08 - 00000000 ____D C:\Program Files (x86)\SystemScheduler
2013-06-22 20:59 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-22 20:59 - 2009-07-14 06:45 - 00020720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-22 20:56 - 2011-05-19 19:14 - 00697322 ____A C:\Windows\System32\perfh007.dat
2013-06-22 20:56 - 2011-05-19 19:14 - 00148328 ____A C:\Windows\System32\perfc007.dat
2013-06-22 20:56 - 2009-07-14 07:13 - 01614036 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-22 20:49 - 2013-06-14 09:14 - 00002511 ____A C:\Windows\setupact.log
2013-06-22 20:49 - 2011-05-19 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-22 20:48 - 2011-10-15 17:01 - 01147703 ____A C:\Windows\WindowsUpdate.log
2013-06-22 20:21 - 2013-06-22 20:21 - 00000017 ____A C:\Users\Honey\AppData\Local\resmon.resmoncfg
2013-06-22 19:38 - 2011-10-15 19:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Skype
2013-06-22 19:37 - 2012-09-14 16:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-22 19:37 - 2011-05-19 10:15 - 00000000 ____D C:\ProgramData\Skype
2013-06-22 19:31 - 2013-06-14 21:34 - 00212476 ____A C:\Windows\PFRO.log
2013-06-22 19:08 - 2013-06-22 19:08 - 00000000 ____D C:\Users\Honey\AppData\Roaming\WinPatrol
2013-06-22 19:07 - 2013-06-22 18:39 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-06-22 18:39 - 2013-06-22 18:39 - 00000000 ____D C:\ProgramData\Licenses
2013-06-22 18:37 - 2013-06-22 18:37 - 00000000 ____D C:\ProgramData\InstallMate
2013-06-22 18:37 - 2013-06-22 18:37 - 00000000 ____D C:\Program Files (x86)\BillP Studios
2013-06-22 18:32 - 2013-06-22 18:32 - 00000000 ____D C:\Program Files\WOT
2013-06-22 18:32 - 2013-06-22 18:32 - 00000000 ____D C:\Program Files (x86)\WOT
2013-06-22 18:27 - 2013-06-22 18:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-22 18:22 - 2013-06-22 18:22 - 00000416 ____A C:\Windows\Tasks\{8076563B-C4D1-4EA4-849C-3C26D028E8BB}.job
2013-06-22 15:33 - 2011-10-16 19:00 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-06-22 15:32 - 2012-03-31 12:25 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-22 15:32 - 2012-03-31 12:25 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-22 15:32 - 2011-10-15 21:21 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-22 15:31 - 2013-06-22 15:31 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-22 15:31 - 2013-06-22 15:31 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-22 15:31 - 2013-06-22 15:31 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-22 15:31 - 2013-06-22 15:31 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-22 15:31 - 2013-06-22 13:10 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-22 15:31 - 2011-05-19 09:38 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-22 15:31 - 2011-05-19 09:38 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-22 15:27 - 2013-06-22 15:27 - 01093032 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-22 15:27 - 2013-06-22 15:27 - 00312232 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-22 15:27 - 2013-06-22 15:27 - 00189352 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-22 15:27 - 2013-06-22 15:27 - 00188840 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-22 15:27 - 2013-06-22 15:27 - 00108968 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-22 15:27 - 2013-06-22 15:27 - 00000000 ____D C:\Program Files\Java
2013-06-22 15:27 - 2011-05-19 09:37 - 00972712 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-22 15:22 - 2013-06-22 15:22 - 00000000 ____D C:\Users\Honey\AppData\Local\Secunia PSI
2013-06-22 15:21 - 2013-06-22 15:21 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-06-22 15:09 - 2013-06-22 15:07 - 00000797 ____A C:\DelFix.txt
2013-06-22 15:07 - 2013-06-21 22:10 - 00000000 ____D C:\Windows\ERUNT
2013-06-22 15:05 - 2013-06-22 15:04 - 00000000 ___SD C:\uninstall
2013-06-22 15:04 - 2013-06-21 20:18 - 00000000 ____D C:\Windows\erdnt
2013-06-22 15:01 - 2011-10-15 17:02 - 00000000 ____D C:\users\Honey
2013-06-22 14:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-22 14:08 - 2011-02-11 01:03 - 01591930 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-22 13:17 - 2011-11-15 21:14 - 00000000 ____D C:\Users\Honey\AppData\Local\Adobe
2013-06-22 13:16 - 2011-05-19 09:53 - 00000000 ____D C:\ProgramData\Adobe
2013-06-22 13:16 - 2011-05-19 09:53 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-22 13:08 - 2013-06-22 13:08 - 00000000 ____D C:\Windows\Sun
2013-06-22 12:10 - 2013-06-22 12:10 - 00000000 ____D C:\Users\Honey\AppData\Local\{CA463F89-C4C7-410A-BADD-83BCB032663A}
2013-06-22 11:52 - 2013-06-22 11:52 - 00083160 ____A (Avira GmbH) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-21 21:55 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-21 21:00 - 2013-06-21 21:00 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\ProgramData\Avira
2013-06-21 20:57 - 2013-06-21 20:57 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-21 20:56 - 2013-06-21 20:57 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-21 20:56 - 2013-06-21 20:57 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-21 20:56 - 2013-06-21 20:57 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-21 20:47 - 2012-09-19 18:20 - 00000000 ____D C:\ProgramData\AVAST Software
2013-06-21 19:52 - 2013-06-21 19:44 - 00000898 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-21 19:44 - 2013-05-19 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-21 19:43 - 2013-06-21 19:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Opera
2013-06-21 19:38 - 2013-06-21 19:16 - 00001912 ____A C:\Windows\epplauncher.mif
2013-06-21 19:20 - 2012-09-19 18:26 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-06-21 19:19 - 2012-09-19 18:20 - 00000000 ____D C:\Program Files\AVAST Software
2013-06-21 15:46 - 2012-04-06 22:15 - 00000000 ____D C:\Users\Honey\AppData\Local\CrashDumps
2013-06-21 15:46 - 2011-05-19 09:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-21 15:45 - 2012-11-30 17:50 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-06-21 13:01 - 2013-05-24 08:17 - 00000000 ____D C:\Users\Honey\Desktop\Kindergeld
2013-06-20 22:21 - 2013-06-20 22:18 - 00000162 ____A C:\Windows\Reimage.ini
2013-06-20 22:20 - 2013-06-20 22:20 - 00000000 ____D C:\Users\Honey\AppData\Local\AVG SafeGuard toolbar
2013-06-20 22:19 - 2013-06-20 22:19 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-06-20 22:19 - 2013-06-20 22:19 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-06-20 20:36 - 2012-09-19 18:28 - 00000000 ____D C:\Users\Honey\AppData\Local\Google
2013-06-20 19:48 - 2012-10-23 20:22 - 00041984 __ASH C:\Users\Honey\Thumbs.db
2013-06-18 14:52 - 2012-11-30 18:11 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-16 21:45 - 2013-06-16 21:45 - 00000000 ____D C:\ProgramData\Uniblue
2013-06-15 19:15 - 2013-06-15 19:15 - 00000000 ____D C:\Users\Honey\Documents\SimCity
2013-06-15 19:15 - 2012-11-30 18:11 - 00000000 ____D C:\ProgramData\Origin
2013-06-15 19:15 - 2012-11-30 18:09 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-06-15 18:54 - 2013-06-15 18:54 - 00001276 ____A C:\Users\Public\Desktop\SimCity™.lnk
2013-06-15 18:39 - 2012-12-14 20:44 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-06-15 18:37 - 2012-11-30 18:12 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Origin
2013-06-15 18:36 - 2012-12-14 20:43 - 00000000 ____D C:\Users\Honey\AppData\Local\Origin
2013-06-14 20:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iTunes
2013-06-14 20:39 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-14 20:38 - 2013-06-14 20:38 - 00000000 ____D C:\Program Files\iPod
2013-06-14 20:37 - 2011-10-16 18:54 - 00000000 ____D C:\Users\Honey\AppData\Roaming\vlc
2013-06-14 19:50 - 2013-06-14 19:50 - 00000282 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295}.job
2013-06-14 18:25 - 2013-06-14 18:20 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Google
2013-06-14 18:15 - 2013-06-14 18:15 - 00000000 ____D C:\Program Files\Google
2013-06-14 18:15 - 2013-06-14 18:14 - 00000000 ____D C:\ProgramData\Google
2013-06-14 18:15 - 2012-09-19 18:28 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-14 09:14 - 2013-06-14 09:14 - 00000000 ____A C:\Windows\setuperr.log
2013-06-14 08:51 - 2012-09-19 18:51 - 00000000 ____D C:\Windows\Minidump
2013-06-14 08:51 - 2011-10-26 20:02 - 00000000 ____D C:\Users\Honey\Tracing
2013-06-14 08:51 - 2011-02-11 00:48 - 00000000 ____D C:\Windows\Panther
2013-06-13 20:55 - 2013-06-13 20:55 - 00000531 ____A C:\Windows\eReg.dat
2013-06-13 20:55 - 2013-06-13 20:55 - 00000000 ____D C:\Program Files (x86)\Maxis
2013-06-12 22:02 - 2011-10-16 09:34 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 21:31 - 2011-10-15 19:37 - 00000000 ____D C:\Users\Honey\Documents\Bluetooth Folder
2013-06-11 13:50 - 2012-09-19 18:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-06-08 16:08 - 2013-06-16 05:48 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-16 05:48 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-16 05:48 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-16 05:48 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-16 05:48 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-16 05:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 20:55 - 2013-06-07 20:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-07 20:54 - 2012-03-24 19:59 - 00000000 ____D C:\Users\Honey\AppData\Roaming\DVDVideoSoft
2013-06-05 22:09 - 2013-05-26 20:34 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-06-05 21:36 - 2012-09-19 18:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2013-06-05 21:30 - 2011-10-15 17:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Apple Computer
2013-06-05 18:44 - 2012-09-19 18:28 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-04 22:43 - 2012-09-19 18:28 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-03 17:26 - 2013-06-03 12:29 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Ad-Aware Antivirus
2013-06-03 17:06 - 2013-06-03 17:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\Users\Honey\AppData\Roaming\LavasoftStatistics
2013-06-03 12:34 - 2013-06-03 12:34 - 00000000 ____D C:\ProgramData\Ad-Aware Antivirus
2013-06-03 12:31 - 2013-06-03 12:31 - 00000000 ____D C:\ProgramData\Lavasoft
2013-06-03 12:30 - 2013-06-03 12:30 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-06-03 12:29 - 2013-06-03 12:29 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-06-03 12:13 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 12:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-03 10:43 - 2013-06-03 10:43 - 00000000 ____D C:\Users\Honey\AppData\Roaming\Malwarebytes
2013-06-03 10:42 - 2013-06-03 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-27 09:36 - 2011-11-19 09:34 - 00027847 ____A C:\test.xml
2013-05-26 21:06 - 2011-10-15 17:25 - 00000000 ____D C:\Users\Honey\AppData\Roaming\SoftGrid Client
2013-05-26 21:02 - 2013-05-26 20:56 - 00000000 ____D C:\Users\Honey\AppData\Local\Ubisoft Game Launcher
2013-05-26 20:23 - 2013-05-26 20:20 - 165550590 ____A C:\Users\Honey\Settlers7_GOLD_Setup-4.bin
2013-05-26 20:20 - 2013-05-26 19:45 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-3.bin
2013-05-26 19:45 - 2013-05-26 19:11 - 2000000000 ____A C:\Users\Honey\Settlers7_GOLD_Setup-2.bin
2013-05-26 19:11 - 2013-05-26 18:30 - 1998856192 ____A C:\Users\Honey\Settlers7_GOLD_Setup-1.bin
2013-05-24 16:29 - 2012-09-01 20:51 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-05-24 09:21 - 2013-05-24 09:13 - 00000000 ____D C:\ProgramData\Freemium
2013-05-24 09:14 - 2013-05-24 09:14 - 00010464 ____A C:\Windows\SysWOW64\sx_p2d.tlb
2013-05-24 08:23 - 2013-05-24 08:22 - 00000000 ____D C:\Users\Honey\Desktop\Antrag auf Elternzeit AG
2013-05-24 08:22 - 2013-05-24 08:12 - 00000000 ____D C:\Users\Honey\Desktop\Elterngeld - Formulare

Files to move or delete:
====================
C:\Windows\Tasks\{8076563B-C4D1-4EA4-849C-3C26D028E8BB}.job

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-03 00:32

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2013
Ran by Honey at 2013-06-22 21:15:30
Running from C:\Users\Honey\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

?????? Windows Live (x32 Version: 15.4.3502.0922)
???????? ?? Messenger (x32 Version: 15.4.3502.0922)
???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922)
????????? Messenger (x32 Version: 15.4.3502.0922)
?????????? Windows Live (x32 Version: 15.4.3502.0922)
??????????? ?? Windows Live (x32 Version: 15.4.3502.0922)
???????????? Windows Live (x32 Version: 15.4.3502.0922)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Alps Pointing-device for VAIO
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.142)
ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.485)
Atheros WiFi Driver Installation (x32 Version: 3.0)
Avira Free Antivirus (x32 Version: 13.0.0.3640)
Bing Bar (x32 Version: 7.0.850.0)
Bluetooth Win7 Suite (64) (Version: 7.3.0.95)
Complément Messenger (x32 Version: 15.4.3502.0922)
Complemento Messenger (x32 Version: 15.4.3502.0922)
Conexant HD Audio (Version: 8.54.0.53)
D3DX10 (x32 Version: 15.4.2368.0902)
Die Sims™ 3 (x32 Version: 1.42.130)
DivX-Setup (x32 Version: 2.6.1.22)
Doplnok programu Messenger (x32 Version: 15.4.3502.0922)
eReg (x32 Version: 1.20.138.34)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
GIMP 2.6.12 (Version: 2.6.12)
Google Chrome (x32 Version: 27.0.1453.116)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.145)
Hospital Tycoon (x32 Version: 1.0)
iCloud (Version: 2.1.2.8)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Logitech Flow Scroll 4.0 (Version: 4.00.33)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Media Gallery (Version: 1.5.0.16020)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Assistent (x32 Version: 15.4.3502.0922)
Messenger Companion (x32 Version: 15.4.3502.0922)
Messenger kíséro (x32 Version: 15.4.3502.0922)
Messenger-kumppani (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
Nikon Movie Editor (x32 Version: 2.2.4)
NVIDIA 3D Vision Treiber 268.31 (Version: 268.31)
NVIDIA Grafiktreiber 268.31 (Version: 268.31)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6831)
NVIDIA Systemsteuerung 268.31 (Version: 268.31)
Origin (x32 Version: 9.1.10.2728)
Picture Control Utility (x32 Version: 1.4.1)
PMB (x32 Version: 5.5.02.12220)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250)
Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pomocnik Messenger (x32 Version: 15.4.3502.0922)
Qualcomm Atheros Direct Connect (x32 Version: 3.0)
Quick Web Access (x32 Version: 1.4.6.9)
QuickTime (x32 Version: 7.74.80.86)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.77)
Remote Keyboard (x32 Version: 1.1.1.07060)
S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.5 (x32 Version: 6.5.158)
Sony Corporation (Version: 1.0.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
swMSM (x32 Version: 12.0.0.1)
System Scheduler 4.23 (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VAIO - Media Gallery (x32 Version: 1.5.0.16020)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.02250)
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150)
VAIO - Remote-Tastatur  (x32 Version: 1.1.0.07060)
VAIO Care (x32 Version: 6.4.2.11150)
VAIO Control Center (x32 Version: 4.5.0.03040)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140)
VAIO Easy Connect (x32 Version: 1.1.2.01120)
VAIO Event Service (x32 Version: 5.5.0.03040)
VAIO Gate (x32 Version: 2.4.0.06210)
VAIO Gate Default (x32 Version: 2.4.0.03240)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280)
VAIO Hero Screensaver - Summer 2011 Screensaver (x32)
VAIO Improvement Validation (Version: 1.0.4.01190)
VAIO Sample Contents (x32 Version: 1.4.2.09010)
VAIO Smart Network (x32 Version: 3.8.0.08120)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VCCx86 (x32 Version: 1.0.0)
VESx64 (Version: 1.0.0)
VESx86 (x32 Version: 1.0.0)
ViewNX 2 (x32 Version: 2.2.5)
VLC media player 2.0.7 (x32 Version: 2.0.7)
VSNx64 (Version: 1.0.0)
VSNx86 (x32 Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
Wildlife Park Gold (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Windows OEM Preinstallation Kit (Version: 2.0.0.0)
WinPatrol (Version: 28.1.2013.0)
WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0)
WOT for Internet Explorer (Version: 12.8.2.0)

==================== Restore Points  =========================

22-06-2013 13:07:31 Ende der Bereinigung
22-06-2013 16:32:30 Installed WOT for Internet Explorer

==================== Scheduled Tasks (whitelisted) =============

Task: {0CA0ED80-A13A-4C2C-A19F-7A6848CB7BF0} - System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} => C:\Windows\system32\msfeedssync.exe [2013-04-08] (Microsoft Corporation)
Task: {2656E201-E473-4F1C-AE21-F680B08E7016} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient No File
Task: {2D46E034-DDA7-4678-AE50-760D22A22C62} - System32\Tasks\User_Feed_Synchronization-{0A20B8FE-6449-42FA-A3BB-A6313DCF6295} => C:\Windows\system32\msfeedssync.exe [2013-04-08] (Microsoft Corporation)
Task: {390AA7E8-E8C1-4B4F-A326-59C54B5633D1} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {45850C39-772A-421E-9AD4-FAE5B80B1B44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {48EDA748-9F4C-450B-8495-E3DCBDD0D36F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {4AB1EA42-BAE6-490F-99A5-A6D72C33F4C5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {57BD232A-503D-41BB-93E7-A57EC741A5BF} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {96A13FF4-6C01-4C12-9599-75D36BCA40C0} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {98FBD70F-C0A6-4809-921E-A9DDE916DEE9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {CC52CDF7-952F-4DCF-B01B-4C7CC7F3683B} - System32\Tasks\Browser Updater\Browser Updater => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {D8E23843-77D2-45F3-BA82-D1F0557C1159} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {E8D3CBC5-2C00-4B75-B684-854AD8EBC219} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-22] (Adobe Systems Incorporated)
Task: {EB44CF62-1A16-453D-A779-50CA2AACBFAD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-19] (Google Inc.)
Task: {EEA16AB5-E09E-4DBE-9EE4-32D0B090808A} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2013 08:50:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2013 08:49:27 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (06/22/2013 07:33:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2013 07:32:11 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (06/22/2013 03:30:25 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (06/22/2013 03:30:06 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (06/22/2013 03:29:26 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (06/22/2013 03:29:06 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (06/22/2013 03:26:55 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (06/22/2013 03:26:35 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".


System errors:
=============
Error: (06/22/2013 08:53:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (06/22/2013 07:37:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (06/22/2013 02:55:13 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005


Microsoft Office Sessions:
=========================
Error: (06/22/2013 08:50:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2013 08:49:27 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (06/22/2013 07:33:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/22/2013 07:32:11 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (06/22/2013 03:30:25 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (06/22/2013 03:30:06 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (06/22/2013 03:29:26 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (06/22/2013 03:29:06 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (06/22/2013 03:26:55 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (06/22/2013 03:26:35 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-06-21 21:55:24.591
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-21 21:55:24.529
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-21 21:55:24.482
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-21 21:55:24.420
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-21 20:40:45.525
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-21 20:40:45.462
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 4077.86 MB
Available physical RAM: 2343.93 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 6186.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.15 GB) (Free:354.98 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 24DDFD60)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:00 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55