Der obere Code war vorhin der gesamte Inhalt der FRST.txt Datei :confused:
Na ja, hier nochmal ein neuer Scan :)
FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013
Ran by JuliaG (administrator) on JULIA on 26-09-2013 21:24:13
Running from C:\Users\JuliaG\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Web Eight LLC.) C:\Program Files (x86)\BrowserProtect\BpSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(PC Tools) C:\Program Files (x86)\ThreatFire\TFTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-13] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-13] (Atheros Communications)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-21] (Synaptics Incorporated)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759384 2013-07-08] (Sandboxie Holdings, LLC)
HKCU\...\Run: [BrowserProtect] - C:\Program Files (x86)\BrowserProtect\BpAuto.lnk [2247 2013-07-18] ()
MountPoints2: {00cb0da9-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb0dd4-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb0deb-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb0df7-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb0e13-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb0e1d-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb0f2a-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb0f34-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb1066-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb10bd-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb10f7-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb1196-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb11a0-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb12c2-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {00cb12e7-4dfc-11e2-be72-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {299bad23-696d-11e2-be98-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {3dbeaa1c-67f9-11e2-be96-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {45c10217-51cd-11e2-be73-806e6f6e6963} - "G:\StartVMCLite.exe"
MountPoints2: {61c019e8-5ee7-11e2-be86-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {61c01c3f-5ee7-11e2-be86-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {8461109a-67fa-11e2-be97-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {846110a2-67fa-11e2-be97-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {846110b0-67fa-11e2-be97-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {846110b4-67fa-11e2-be97-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {84611688-67fa-11e2-be97-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {9499f65a-696e-11e2-be99-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {9499f65e-696e-11e2-be99-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {9499f696-696e-11e2-be99-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {9499f69c-696e-11e2-be99-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {9499f6bf-696e-11e2-be99-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {9499f6ce-696e-11e2-be99-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {9499f709-696e-11e2-be99-083e8eda824a} - "F:\StartVMCLite.exe"
MountPoints2: {be7cce8b-67f7-11e2-be95-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {be7cced3-67f7-11e2-be95-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {be7ccf00-67f7-11e2-be95-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {be7ccf0e-67f7-11e2-be95-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {be7ccf33-67f7-11e2-be95-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {d0c71944-66fe-11e2-be93-083e8eda824a} - "E:\StartVMCLite.exe"
MountPoints2: {d0c71c69-66fe-11e2-be93-083e8eda824a} - "E:\StartVMCLite.exe"
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [ThreatFire] - C:\Program Files (x86)\ThreatFire\TFTray.exe [378128 2011-02-22] (PC Tools)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {42FEFA63-F753-4E5A-9004-49E57BBC8A90} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {42FEFA63-F753-4E5A-9004-49E57BBC8A90} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {46FBB9C1-3123-4CC8-85E5-8056CC29581D} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: No Name - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No File
BHO-x32: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.6) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Dr.Web Anti-Virus Link Checker) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb\3.2.1_0
CHR Extension: (Google Docs) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (WOT) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Site to Phone) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmdgmondalbgpbiceiahbfpjddegdoci\5.0.2_0
CHR Extension: (Google Search) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (VTchromizer) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka\1.2_0
CHR Extension: (AdBlock) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0
CHR Extension: (avast! Online Security) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Auto Replay for YouTube) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.28_0
CHR Extension: (Tema Supernatural) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcmldjlboleidnkpfnojbngfeloncdmk\1.1_0
CHR Extension: (Qtube) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhakcmpgccbfnmamojhjhaflhnfdooaa\1.11_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (NotScripts) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0
CHR Extension: (Gmail) - C:\Users\JuliaG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-13] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BpSvc; C:\Program Files (x86)\BrowserProtect\BpSvc.exe [1867776 2011-11-11] (Web Eight LLC.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [852264 2013-08-16] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-08-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-08-16] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-13] (Atheros)
S4 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-13] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-08-13] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [46792 2013-08-13] (AnchorFree Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-21] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
U5 TfFsMon; C:\Windows\System32\Drivers\TfFsMon.sys [65072 2011-02-22] (PC Tools)
U5 TfNetMon; C:\Windows\System32\Drivers\TfNetMon.sys [41888 2011-02-22] (PC Tools)
U5 TfSysMon; C:\Windows\System32\Drivers\TfSysMon.sys [74824 2011-02-22] (PC Tools)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-25 19:58 - 2013-09-25 19:58 - 05130004 _____ (Swearware) C:\Users\JuliaG\Desktop\ComboFix.exe
2013-09-25 19:57 - 2013-09-25 19:57 - 00000000 _____ C:\Users\JuliaG\Desktop\ComboFix_exe.f056dy3.partial
2013-09-25 19:51 - 2013-09-25 19:51 - 00000000 ____D C:\Qoobox
2013-09-25 19:48 - 2013-09-25 19:51 - 00000000 ___SD C:\32788R22FWJFW
2013-09-25 19:48 - 2013-09-25 19:48 - 00000000 ____D C:\Windows\erdnt
2013-09-25 16:19 - 2013-09-26 18:16 - 00017008 _____ C:\Users\JuliaG\Desktop\Addition.txt
2013-09-25 16:17 - 2013-09-25 16:17 - 00000000 ____D C:\FRST
2013-09-25 16:16 - 2013-09-25 16:16 - 01955802 _____ (Farbar) C:\Users\JuliaG\Desktop\FRST64.exe
2013-09-25 14:58 - 2013-09-25 14:58 - 29036456 _____ (Oracle Corporation) C:\Users\JuliaG\Desktop\jre-7u40-windows-i586.exe
2013-09-25 14:38 - 2013-09-25 14:38 - 00337872 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-22 19:41 - 2013-09-22 19:41 - 00000000 ____D C:\Users\JuliaG\Documents\Supernatural
2013-09-22 18:35 - 2013-09-22 19:18 - 00000000 ____D C:\Users\JuliaG\Desktop\Physik
2013-09-22 18:35 - 2013-09-22 19:09 - 00000000 ____D C:\Users\JuliaG\Desktop\Mathe
2013-09-22 18:10 - 2013-09-22 18:09 - 01010104 _____ C:\Users\JuliaG\Desktop\Schaufenster.jpeg
2013-09-22 01:26 - 2013-09-22 01:33 - 324670162 _____ C:\Users\JuliaG\Desktop\Supernatural.S08E01.Wo.ist.Kevin.x264-ITG.rar
2013-09-19 13:20 - 2013-09-19 13:20 - 01322957 _____ C:\Users\JuliaG\Desktop\Entschuldigung.jpeg
2013-09-18 19:00 - 2013-09-18 19:01 - 37819625 _____ C:\Users\JuliaG\Desktop\Dale amp Julia Still.mp4
2013-09-18 17:51 - 2013-09-18 17:51 - 12936795 _____ C:\Users\JuliaG\Desktop\Supernatural It all falls down [SSC - Round 5] Glitch-Free.mp4
2013-09-17 00:15 - 2013-09-20 18:25 - 00000000 ____D C:\Users\JuliaG\Documents\Arrow
2013-09-13 19:29 - 2013-09-13 19:29 - 00779937 _____ C:\Users\JuliaG\Desktop\Aufgaben Mathe.jpeg
2013-09-13 14:04 - 2013-09-13 14:04 - 00000000 ____D C:\ProgramData\Google
2013-09-13 14:04 - 2013-09-13 14:04 - 00000000 ____D C:\Program Files\Google
2013-09-13 13:27 - 2013-09-19 01:26 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 13:27 - 2013-09-19 01:26 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-11 22:09 - 2013-09-11 22:09 - 01334434 _____ C:\Users\JuliaG\Desktop\Mathelösungen 3.jpeg
2013-09-11 22:09 - 2013-09-11 22:09 - 01195404 _____ C:\Users\JuliaG\Desktop\Mathelösungen 4.jpeg
2013-09-11 22:08 - 2013-09-11 22:09 - 01222840 _____ C:\Users\JuliaG\Desktop\Mathelösungen 2.jpeg
2013-09-11 22:08 - 2013-09-11 22:09 - 01177668 _____ C:\Users\JuliaG\Desktop\Mathelösungen 1.jpeg
2013-09-11 22:01 - 2013-09-11 22:09 - 01185804 _____ C:\Users\JuliaG\Desktop\Mathelösungen Klausur Nr. 5.jpeg
2013-09-11 21:58 - 2013-09-11 21:59 - 00000000 ____D C:\ProgramData\EPSON
2013-09-11 20:47 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 20:47 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 20:47 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 20:47 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 20:47 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 20:47 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 20:47 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 20:47 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 20:47 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 20:47 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 20:47 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 20:47 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 20:47 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 20:44 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 20:44 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 20:44 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 20:44 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 20:44 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 20:44 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 20:44 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 20:44 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 20:44 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 20:44 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 20:44 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 20:44 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 20:44 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 20:44 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 20:44 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 20:44 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 20:44 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 20:44 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 20:44 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 20:44 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 20:44 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 20:44 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 20:44 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 20:44 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 20:44 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 20:44 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 20:44 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 20:44 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 20:44 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 20:44 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 20:44 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 20:43 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 20:43 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 20:43 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 20:43 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 20:43 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 20:43 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 20:43 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 20:43 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 20:43 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 20:43 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 20:43 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 20:43 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 20:43 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 20:43 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 20:43 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 20:43 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 20:43 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 20:43 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 20:43 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 20:43 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 20:43 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 20:43 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 20:43 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 20:43 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-09 22:21 - 2013-09-09 22:21 - 00000000 ____D C:\Program Files (x86)\AVAST Software
2013-09-07 23:22 - 2013-09-08 01:23 - 00014974 _____ C:\Users\JuliaG\Desktop\Sometimes It's Just Destiny.odt
2013-09-07 17:59 - 2013-09-07 17:59 - 00002700 _____ C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.1.lnk
2013-09-07 17:58 - 2013-09-07 17:58 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\LibreOffice
2013-09-07 17:51 - 2013-09-07 17:51 - 00000000 ____D C:\Users\JuliaG\AppData\Local\GottCode
2013-09-07 17:50 - 2013-09-07 18:00 - 00000000 ____D C:\Users\JuliaG\Downloads\FocusWriter_1.4.4
2013-09-07 17:50 - 2013-09-07 17:52 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2013-09-07 17:49 - 2013-09-07 17:49 - 10181138 _____ C:\Users\JuliaG\Downloads\FocusWriter_1.4.4.zip
2013-09-07 17:44 - 2013-09-07 17:44 - 00001240 _____ C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC media player.lnk
2013-09-07 17:39 - 2013-09-07 17:39 - 03030749 _____ C:\Users\JuliaG\Downloads\Treesheets_Setup.exe
2013-09-07 17:39 - 2013-09-07 17:39 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\TreeSheetsdbs
2013-09-07 17:39 - 2013-09-07 17:39 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSheets
2013-09-07 17:39 - 2013-09-07 17:39 - 00000000 ____D C:\Program Files (x86)\TreeSheets
2013-09-07 17:35 - 2013-09-07 17:35 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Spacejock Software
2013-09-07 17:34 - 2013-09-07 17:34 - 00614816 _____ C:\Users\JuliaG\Downloads\LibreOffice_4.1.1_x86.msi.exe
2013-09-07 17:34 - 2013-09-07 17:34 - 00000000 ____D C:\Users\JuliaG\Documents\yWriter5 Sample
2013-09-07 17:34 - 2013-09-07 17:34 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spacejock Software
2013-09-07 17:34 - 2013-09-07 17:34 - 00000000 ____D C:\Program Files (x86)\yWriter5
2013-09-07 17:33 - 2013-09-07 17:34 - 02046840 _____ (Spacejock Software ) C:\Users\JuliaG\Downloads\yWriter5Full.exe
2013-09-07 17:31 - 2013-09-07 17:35 - 00106496 _____ C:\Users\JuliaG\Test.h2.db
2013-09-07 17:30 - 2013-09-07 17:46 - 00000000 ____D C:\Users\JuliaG\.storybook
2013-09-07 17:29 - 2013-09-07 17:30 - 00000000 ____D C:\Program Files (x86)\Storybook4
2013-09-07 17:29 - 2013-09-07 17:29 - 00002257 _____ C:\Users\fbwuser\Desktop\Storybook 4.lnk
2013-09-07 17:29 - 2013-09-07 17:29 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Storybook 4
2013-09-07 17:23 - 2013-09-07 17:28 - 66047950 _____ C:\Users\JuliaG\Downloads\storybook-4.0.9-win32.zip
2013-09-02 18:40 - 2013-09-22 02:25 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\vlc
2013-09-02 18:39 - 2013-09-02 18:39 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-02 15:51 - 2013-09-13 13:24 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2013-09-02 12:19 - 2013-09-02 12:19 - 00000000 ____D C:\Users\JuliaG\Documents\Under The Dome
2013-08-31 12:35 - 2013-08-13 01:07 - 00046792 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2013-08-27 01:41 - 2013-08-27 01:41 - 00001508 _____ C:\Users\JuliaG\AppData\Local\recently-used.xbel
==================== One Month Modified Files and Folders =======
2013-09-26 21:24 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-26 18:17 - 2012-12-28 23:57 - 00000000 ____D C:\Users\JuliaG\AppData\Local\CrashDumps
2013-09-26 18:16 - 2013-09-25 16:19 - 00017008 _____ C:\Users\JuliaG\Desktop\Addition.txt
2013-09-26 18:12 - 2013-01-15 23:24 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-26 14:10 - 2012-11-06 23:07 - 01407722 _____ C:\Windows\WindowsUpdate.log
2013-09-25 21:53 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-25 21:52 - 2012-07-26 07:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2013-09-25 20:50 - 2013-01-15 23:24 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-25 19:58 - 2013-09-25 19:58 - 05130004 _____ (Swearware) C:\Users\JuliaG\Desktop\ComboFix.exe
2013-09-25 19:57 - 2013-09-25 19:57 - 00000000 _____ C:\Users\JuliaG\Desktop\ComboFix_exe.f056dy3.partial
2013-09-25 19:51 - 2013-09-25 19:51 - 00000000 ____D C:\Qoobox
2013-09-25 19:51 - 2013-09-25 19:48 - 00000000 ___SD C:\32788R22FWJFW
2013-09-25 19:48 - 2013-09-25 19:48 - 00000000 ____D C:\Windows\erdnt
2013-09-25 18:43 - 2013-07-18 16:27 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-25 16:17 - 2013-09-25 16:17 - 00000000 ____D C:\FRST
2013-09-25 16:16 - 2013-09-25 16:16 - 01955802 _____ (Farbar) C:\Users\JuliaG\Desktop\FRST64.exe
2013-09-25 14:58 - 2013-09-25 14:58 - 29036456 _____ (Oracle Corporation) C:\Users\JuliaG\Desktop\jre-7u40-windows-i586.exe
2013-09-25 14:48 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-25 14:43 - 2013-05-30 20:10 - 00000000 ____D C:\Update
2013-09-25 14:38 - 2013-09-25 14:38 - 00337872 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-25 14:38 - 2012-08-03 04:22 - 00031726 _____ C:\Windows\PFRO.log
2013-09-24 22:45 - 2013-01-01 21:28 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7F58149E-9AC4-4BA7-8AF8-D5C742467353}
2013-09-24 19:44 - 2012-12-24 21:19 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3737921395-3347220288-3981326679-1001
2013-09-24 00:40 - 2013-07-18 16:54 - 00001622 _____ C:\Windows\Sandboxie.ini
2013-09-24 00:02 - 2012-12-24 21:11 - 00000000 ____D C:\Users\JuliaG\AppData\Local\Packages
2013-09-22 19:41 - 2013-09-22 19:41 - 00000000 ____D C:\Users\JuliaG\Documents\Supernatural
2013-09-22 19:41 - 2013-01-26 00:46 - 00000000 ____D C:\Users\JuliaG\Documents\Vampire Diaries
2013-09-22 19:41 - 2012-12-24 21:11 - 00000000 ____D C:\Users\JuliaG
2013-09-22 19:18 - 2013-09-22 18:35 - 00000000 ____D C:\Users\JuliaG\Desktop\Physik
2013-09-22 19:09 - 2013-09-22 18:35 - 00000000 ____D C:\Users\JuliaG\Desktop\Mathe
2013-09-22 18:09 - 2013-09-22 18:10 - 01010104 _____ C:\Users\JuliaG\Desktop\Schaufenster.jpeg
2013-09-22 02:25 - 2013-09-02 18:40 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\vlc
2013-09-22 01:33 - 2013-09-22 01:26 - 324670162 _____ C:\Users\JuliaG\Desktop\Supernatural.S08E01.Wo.ist.Kevin.x264-ITG.rar
2013-09-21 01:50 - 2012-07-26 09:21 - 00031190 _____ C:\Windows\setupact.log
2013-09-20 18:25 - 2013-09-17 00:15 - 00000000 ____D C:\Users\JuliaG\Documents\Arrow
2013-09-19 13:20 - 2013-09-19 13:20 - 01322957 _____ C:\Users\JuliaG\Desktop\Entschuldigung.jpeg
2013-09-19 03:28 - 2013-07-18 20:41 - 00047854 _____ C:\Users\JuliaG\Desktop\Postvorlage.txt
2013-09-19 01:26 - 2013-09-13 13:27 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 01:26 - 2013-09-13 13:27 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-18 19:01 - 2013-09-18 19:00 - 37819625 _____ C:\Users\JuliaG\Desktop\Dale amp Julia Still.mp4
2013-09-18 17:51 - 2013-09-18 17:51 - 12936795 _____ C:\Users\JuliaG\Desktop\Supernatural It all falls down [SSC - Round 5] Glitch-Free.mp4
2013-09-17 22:30 - 2012-11-06 22:50 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-09-16 17:50 - 2013-07-04 22:45 - 00000000 ___RD C:\Users\JuliaG\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2013-09-13 19:29 - 2013-09-13 19:29 - 00779937 _____ C:\Users\JuliaG\Desktop\Aufgaben Mathe.jpeg
2013-09-13 14:04 - 2013-09-13 14:04 - 00000000 ____D C:\ProgramData\Google
2013-09-13 14:04 - 2013-09-13 14:04 - 00000000 ____D C:\Program Files\Google
2013-09-13 14:04 - 2013-01-15 23:24 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-13 13:26 - 2013-07-18 16:58 - 00000000 ____D C:\Program Files (x86)\BrowserProtect
2013-09-13 13:24 - 2013-09-02 15:51 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2013-09-13 00:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-13 00:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-13 00:37 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-13 00:36 - 2013-07-18 16:27 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-11 22:09 - 2013-09-11 22:09 - 01334434 _____ C:\Users\JuliaG\Desktop\Mathelösungen 3.jpeg
2013-09-11 22:09 - 2013-09-11 22:09 - 01195404 _____ C:\Users\JuliaG\Desktop\Mathelösungen 4.jpeg
2013-09-11 22:09 - 2013-09-11 22:08 - 01222840 _____ C:\Users\JuliaG\Desktop\Mathelösungen 2.jpeg
2013-09-11 22:09 - 2013-09-11 22:08 - 01177668 _____ C:\Users\JuliaG\Desktop\Mathelösungen 1.jpeg
2013-09-11 22:09 - 2013-09-11 22:01 - 01185804 _____ C:\Users\JuliaG\Desktop\Mathelösungen Klausur Nr. 5.jpeg
2013-09-11 21:59 - 2013-09-11 21:58 - 00000000 ____D C:\ProgramData\EPSON
2013-09-11 21:07 - 2013-07-21 21:39 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 21:04 - 2012-12-31 16:52 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 22:21 - 2013-09-09 22:21 - 00000000 ____D C:\Program Files (x86)\AVAST Software
2013-09-08 01:23 - 2013-09-07 23:22 - 00014974 _____ C:\Users\JuliaG\Desktop\Sometimes It's Just Destiny.odt
2013-09-07 18:00 - 2013-09-07 17:50 - 00000000 ____D C:\Users\JuliaG\Downloads\FocusWriter_1.4.4
2013-09-07 17:59 - 2013-09-07 17:59 - 00002700 _____ C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.1.lnk
2013-09-07 17:58 - 2013-09-07 17:58 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\LibreOffice
2013-09-07 17:52 - 2013-09-07 17:50 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4
2013-09-07 17:51 - 2013-09-07 17:51 - 00000000 ____D C:\Users\JuliaG\AppData\Local\GottCode
2013-09-07 17:49 - 2013-09-07 17:49 - 10181138 _____ C:\Users\JuliaG\Downloads\FocusWriter_1.4.4.zip
2013-09-07 17:46 - 2013-09-07 17:30 - 00000000 ____D C:\Users\JuliaG\.storybook
2013-09-07 17:44 - 2013-09-07 17:44 - 00001240 _____ C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC media player.lnk
2013-09-07 17:39 - 2013-09-07 17:39 - 03030749 _____ C:\Users\JuliaG\Downloads\Treesheets_Setup.exe
2013-09-07 17:39 - 2013-09-07 17:39 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\TreeSheetsdbs
2013-09-07 17:39 - 2013-09-07 17:39 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TreeSheets
2013-09-07 17:39 - 2013-09-07 17:39 - 00000000 ____D C:\Program Files (x86)\TreeSheets
2013-09-07 17:35 - 2013-09-07 17:35 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Spacejock Software
2013-09-07 17:35 - 2013-09-07 17:31 - 00106496 _____ C:\Users\JuliaG\Test.h2.db
2013-09-07 17:34 - 2013-09-07 17:34 - 00614816 _____ C:\Users\JuliaG\Downloads\LibreOffice_4.1.1_x86.msi.exe
2013-09-07 17:34 - 2013-09-07 17:34 - 00000000 ____D C:\Users\JuliaG\Documents\yWriter5 Sample
2013-09-07 17:34 - 2013-09-07 17:34 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spacejock Software
2013-09-07 17:34 - 2013-09-07 17:34 - 00000000 ____D C:\Program Files (x86)\yWriter5
2013-09-07 17:34 - 2013-09-07 17:33 - 02046840 _____ (Spacejock Software ) C:\Users\JuliaG\Downloads\yWriter5Full.exe
2013-09-07 17:30 - 2013-09-07 17:29 - 00000000 ____D C:\Program Files (x86)\Storybook4
2013-09-07 17:29 - 2013-09-07 17:29 - 00002257 _____ C:\Users\fbwuser\Desktop\Storybook 4.lnk
2013-09-07 17:29 - 2013-09-07 17:29 - 00000000 ____D C:\Users\JuliaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Storybook 4
2013-09-07 17:28 - 2013-09-07 17:23 - 66047950 _____ C:\Users\JuliaG\Downloads\storybook-4.0.9-win32.zip
2013-09-02 18:39 - 2013-09-02 18:39 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-02 18:38 - 2013-07-18 16:14 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2013-09-02 12:19 - 2013-09-02 12:19 - 00000000 ____D C:\Users\JuliaG\Documents\Under The Dome
2013-08-31 12:35 - 2013-04-04 02:34 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-08-30 09:48 - 2013-07-18 16:28 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-07-18 16:28 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-07-18 16:27 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-07-18 16:27 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-07-18 16:27 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-07-18 16:27 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-07-18 16:27 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-07-18 16:27 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:47 - 2013-07-18 16:27 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2013-07-18 16:26 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-27 01:46 - 2013-04-25 17:44 - 00000000 ____D C:\Users\JuliaG\.gimp-2.8
2013-08-27 01:41 - 2013-08-27 01:41 - 00001508 _____ C:\Users\JuliaG\AppData\Local\recently-used.xbel
Files to move or delete:
====================
C:\Users\JuliaG\AppData\Roaming\Camdata.ini
C:\Users\JuliaG\AppData\Roaming\CamLayout.ini
C:\Users\JuliaG\AppData\Roaming\CamShapes.ini
Some content of TEMP:
====================
C:\Users\JuliaG\AppData\Local\Temp\AskSLib.dll
C:\Users\JuliaG\AppData\Local\Temp\AutoRun.exe
C:\Users\JuliaG\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\JuliaG\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\JuliaG\AppData\Local\Temp\conduitinstaller.exe
C:\Users\JuliaG\AppData\Local\Temp\drm_dialogs.dll
C:\Users\JuliaG\AppData\Local\Temp\drm_dyndata_7350007.dll
C:\Users\JuliaG\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\JuliaG\AppData\Local\Temp\EAInstall.dll
C:\Users\JuliaG\AppData\Local\Temp\eauninstall.exe
C:\Users\JuliaG\AppData\Local\Temp\First15.exe
C:\Users\JuliaG\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\JuliaG\AppData\Local\Temp\SIntf16.dll
C:\Users\JuliaG\AppData\Local\Temp\SIntf32.dll
C:\Users\JuliaG\AppData\Local\Temp\SIntfNT.dll
C:\Users\JuliaG\AppData\Local\Temp\tbHot0.dll
C:\Users\JuliaG\AppData\Local\Temp\The Sims 2 Glamour Life Stuff_uninst.exe
C:\Users\JuliaG\AppData\Local\Temp\VP6Install.exe
C:\Users\JuliaG\AppData\Local\Temp\VP6VFW.dll
C:\Users\JuliaG\AppData\Local\Temp\_is5DD1.exe
C:\Users\JuliaG\AppData\Local\Temp\_isCF2D.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-09 19:30
==================== End Of Log ============================ --- --- ---
Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2013
Ran by JuliaG at 2013-09-26 21:24:52
Running from C:\Users\JuliaG\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
avast! Ad Blocker (x32 Version: 1.0.0.0)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bejeweled 3 (x32 Version: 2.2.0.98)
Blender (Version: 2.66a)
Bonjour (Version: 3.0.0.10)
BrowserProtect 1.12 (x32)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110)
Celtx (2.9) (x32 Version: 2.9 (de))
Chronicles of Albian (x32 Version: 2.2.0.110)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923)
CyberLink PowerDVD (x32 Version: 9.0.5601.52)
D3DX10 (x32 Version: 15.4.2368.0902)
Die Sims™ Inselgeschichten (x32)
Die*Sims™*3 (x32 Version: 1.0.631)
EPSON-Drucker-Software
FATE (x32 Version: 2.2.0.97)
FDUx86 (x32 Version: 1.0.0)
Fotogalerie (x32 Version: 16.4.3505.0912)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (x32 Version: 29.0.1547.76)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110)
Hotspot Shield 3.13 (x32 Version: 3.13)
Intel AppUp(SM) center (x32 Version: 03.05.11)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
KUx86 (x32 Version: 1.0.0)
LibreOffice 4.1.1.2 (x32 Version: 4.1.1.2)
Luxor HD (x32 Version: 2.2.0.110)
Mahjongg Artifacts (x32 Version: 2.2.0.110)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Movie Maker (x32 Version: 16.4.3505.0912)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
PDF24 Creator 5.4.0 (x32)
Photo Gallery (x32 Version: 16.4.3505.0912)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayMemories Home (x32 Version: 6.3.02.07270)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)
Restore (x32 Version: 1.0.0)
Sandboxie 4.04 (64-bit) (Version: 4.04)
SCS Shortcut (x32 Version: 1.0)
Shared C Run-time for x64 (Version: 10.0.0)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
Storybook4 (x32 Version: 4.0.9)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
TeamViewer 8 (x32 Version: 8.0.19045)
The Movies(TM) (x32 Version: 1.0)
ThreatFire (x32)
TreeSheets (x32)
Trelby (x32 Version: 2.2.0.0)
Update Installer for WildTangent Games App (x32)
VAIO - Xperia Link (x32 Version: 1.0.0.08170)
VAIO Care (Version: 8.2.0.15030)
VAIO Control Center (x32 Version: 6.0.0.08200)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)
VAIO Easy Connect (x32 Version: 8.2.0.14170)
VAIO Gate (x32 Version: 3.0.0.08140)
VAIO Gate Default (x32 Version: 3.0.0.08060)
VAIO Gesture Control (x32 Version: 2.0.0.08240)
VAIO Image Optimizer (x32 Version: 3.0.00.08170)
VAIO Improvement (x32 Version: 2.0.0.08090)
VAIO Media Server Settings (Version: 1.0.0.08240)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)
VAIO-Handbuch (x32 Version: 3.0.0.08100)
VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VHD (x32 Version: 1.0.0)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VLC media player 2.0.7 (Version: 2.0.7)
VMLx86 (x32 Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
WildTangent Games App (x32 Version: 4.0.8.7)
WildTangent-Spiele (x32 Version: 1.0.3.0)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
XperiaLinkx86 (x32 Version: 1.0.0)
yWriter5 (x32)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)
==================== Restore Points =========================
07-09-2013 15:49:37 Installed LibreOffice 4.1.1.2
11-09-2013 19:03:09 Windows Update
17-09-2013 20:28:46 Installiert VAIO Update
24-09-2013 17:44:52 Windows Update
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03D258E2-4ADB-4328-B24F-ACB6E935AE7F} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {04D7BB19-FE01-43CC-B8AD-679CD8B3B00F} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {142D793A-6B6E-4E58-AE81-6FF89DB98C39} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {1DD40294-A90A-496D-9617-77D7B90E13D1} - System32\Tasks\User_Feed_Synchronization-{7F58149E-9AC4-4BA7-8AF8-D5C742467353} => C:\Windows\system32\msfeedssync.exe [2012-07-26] (Microsoft Corporation)
Task: {2650DB84-F81F-4CF3-9C38-6989D8C3737D} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {31C90071-7ECE-4025-B343-6107ABAEC4CA} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {39CB2848-0907-45C0-9F8D-2C10B413D7A8} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {428D0471-84A0-4434-A64F-4D69312DE2D0} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {43729DC2-8FA6-4FEB-BB58-6FBD004971FA} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {467EB660-4760-4915-BCF2-28F212A7C0B9} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {4C4B3CB4-AB43-4693-AA97-297171C01597} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {514C3B0B-732B-4E6C-9F08-C257F33A55D2} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {5B247B86-914F-4C89-A16A-04FB7A693907} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6B90A254-C504-4272-AC3D-5D92739BFF47} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {8B1658E6-B19B-498F-A651-A6FDE532C979} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {93E747A0-0AE4-42EE-8A5D-0FB424CB3ED5} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {A98A9AAD-03DB-4FA1-8518-D8FA42742024} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {B4A998E5-BC03-4A96-97A8-FBE9F145FABD} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {BA61CC85-A139-49BD-9A03-77995D8CBE52} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {BDE74693-B1CF-498D-9B3A-7996FE75808F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {C2F55DAC-AFE1-4447-93AF-E5EC80BB9C38} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {C2FD5CF9-CC83-48E4-95B3-040136A2E0F5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {C8020CF3-C872-45C9-A3D9-125FD1A3EB3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-15] (Google Inc.)
Task: {CBE0A224-8B0C-411E-BABC-A983898C752C} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {DAA9FA59-FFC6-425F-A205-6B8BD958616D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {ED407C14-468C-412A-97DD-5A6219287766} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-15] (Google Inc.)
Task: {F4675DF7-5272-4308-8A45-AC3EF35F8FC5} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {F6029BE3-E75F-4593-83ED-69E06686E5CC} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {FB3329D2-7F5A-45EF-9825-2DF5E6B89039} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-07-26 03:22 - 2012-07-26 05:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\IME\SHARED\IMEROAMING.DLL
2013-06-01 14:44 - 2013-06-01 14:44 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-11-06 22:57 - 2012-08-20 10:22 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2012-11-06 22:57 - 2012-08-20 10:22 - 03643024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2012-08-21 20:42 - 2012-08-20 10:34 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-08-21 20:42 - 2012-08-20 10:30 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-08 13:29 - 2013-07-08 13:29 - 00456280 _____ (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieDll.dll
2013-07-24 17:00 - 2013-07-24 17:00 - 00344696 _____ (Sony Corporation) C:\Windows\Microsoft.Net\assembly\GAC_64\VAIOCareToolkit\v4.0_8.2.0.14260__6b746f706d1a5a7d\VAIOCareToolkit.dll
2013-09-13 13:27 - 2013-09-19 01:26 - 00537560 _____ (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.dll
2013-07-18 16:58 - 2011-11-08 12:37 - 06471680 _____ (TODO: <Company name>) C:\Program Files (x86)\BrowserProtect\slt.dll
2013-07-18 16:37 - 2011-02-22 13:56 - 00044816 _____ (PC Tools) C:\Program Files (x86)\ThreatFire\TFAPI.dll
2012-11-06 23:52 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-09-13 13:27 - 2013-09-19 01:26 - 14397400 _____ (Adobe Systems, Inc.) C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\JuliaG\Desktop\Aufgaben Mathe.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Aufgaben Mathe.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\JuliaG\Desktop\Entschuldigung.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Entschuldigung.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen 4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen Klausur Nr. 5.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Mathelösungen Klausur Nr. 5.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\JuliaG\Desktop\Schaufenster.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\JuliaG\Desktop\Schaufenster.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/26/2013 09:24:17 PM) (Source: ESENT) (User: )
Description: svchost (1860) SRUJet: Ungültige Seitenverknüpfung (Fehler -327) in B-Struktur (Objekt-Id: 15, PgnoRoot: 57) von Datenbank C:\Windows\system32\SRU\SRUDB.dat (865 => 4059, svchost0).
Error: (09/26/2013 06:17:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: vim.exe, Version: 2.0.2.4020, Zeitstempel: 0x515a89db
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2bcac
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0000000000070468
ID des fehlerhaften Prozesses: 0x19f4
Startzeit der fehlerhaften Anwendung: 0xvim.exe0
Pfad der fehlerhaften Anwendung: vim.exe1
Pfad des fehlerhaften Moduls: vim.exe2
Berichtskennung: vim.exe3
Vollständiger Name des fehlerhaften Pakets: vim.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vim.exe5
Error: (09/26/2013 06:13:35 PM) (Source: ESENT) (User: )
Description: svchost (1860) SRUJet: Das Datenbankmodul hat die Instanz (0) mit einem Fehler (-1090) beendet.
Interne Zeitsteuerungsabfolge: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.031, [7] 0.000, [8] 0.000, [9] 0.015, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.
Error: (09/26/2013 02:15:56 PM) (Source: SampleCollector) (User: )
Description: write_samples::CreateFile: Failed with error 0x570: Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
Error: (09/26/2013 02:00:41 PM) (Source: ESENT) (User: )
Description: svchost (1860) SRUJet: Rollback von Operation #1451 für Datenbank C:\Windows\system32\SRU\SRUDB.dat konnte nicht durchgeführt werden. Fehler: -510. Alle zukünftigen Datenbankaktualisierungen werden zurückgewiesen.
Error: (09/26/2013 02:00:41 PM) (Source: ESENT) (User: )
Description: svchost (1860) SRUJet: Die Protokolldatei-Reihenfolge in "C:\Windows\system32\SRU\" wurde durch einen schwerwiegenden Fehler angehalten. Für die Datenbank, die diese Protokolldatei-Reihenfolge verwendet, sind keine weiteren Aktualisierungen möglich. Bitte korrigieren Sie das Problem, und starten Sie erneut, oder führen Sie eine Wiederherstellung aus einer Sicherung durch.
Error: (09/26/2013 02:00:41 PM) (Source: ESENT) (User: )
Description: svchost (1860) SRUJet: Neue Protokolldatei konnte nicht erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1121.
Error: (09/26/2013 02:00:41 PM) (Source: ESENT) (User: )
Description: svchost (1860) SRUJet: Versuch, Datei "C:\Windows\system32\SRU\SRUtmp.log" zu erstellen, ist mit Systemfehler 1392 (0x00000570): "Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar. " fehlgeschlagen. Fehler -1121 (0xfffffb9f) beim Erstellen von Dateien.
Error: (09/26/2013 02:00:40 PM) (Source: ESENT) (User: )
Description: svchost (1860) SRUJet: Ungültige Seitenverknüpfung (Fehler -327) in B-Struktur (Objekt-Id: 15, PgnoRoot: 57) von Datenbank C:\Windows\system32\SRU\SRUDB.dat (865 => 4059, svchost0).
Error: (09/25/2013 10:35:56 PM) (Source: SampleCollector) (User: )
Description: write_samples::CreateFile: Failed with error 0x570: Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
System errors:
=============
Error: (09/26/2013 09:24:21 PM) (Source: Virtual Disk Service) (User: )
Description: Unerwarteter Anbieterfehler. Möglicherweise kann das Problem durch erneutes Starten des Dienstes behoben werden. Fehlercode: 8007001F@02000014
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x500000002d007. Der Name der Datei ist "\Users\JuliaG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHG9ZW6U\bg_btn_sing[1].png".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x2200000002d7e8. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000038.bin".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x1400000002d7e3. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000037.bin".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x1a00000002d7e2. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000036.bin".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x1300000002d7de. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000035.bin".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0xe00000002d7dd. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000034.bin".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x3200000002d7dc. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000033.bin".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x1300000002d7da. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000032.bin".
Error: (09/25/2013 09:54:58 PM) (Source: Ntfs) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0xa00000002d7d3. Der Name der Datei ist "\Program Files\AVAST Software\Avast\defs\13092500_stream\pkg1309250000000031.bin".
Microsoft Office Sessions:
=========================
Error: (09/26/2013 09:24:17 PM) (Source: ESENT)(User: )
Description: svchost1860SRUJet: -3271557C:\Windows\system32\SRU\SRUDB.dat8654059835
Error: (09/26/2013 06:17:06 PM) (Source: Application Error)(User: )
Description: vim.exe2.0.2.4020515a89dbMSVCR100.dll10.0.40219.3254df2bcacc0000417000000000007046819f401cebad3d0d60bcdC:\Program Files\Sony\VAIO Improvement\vim.exeC:\Windows\SYSTEM32\MSVCR100.dll15990d45-26c7-11e3-bee9-083e8eda824a
Error: (09/26/2013 06:13:35 PM) (Source: ESENT)(User: )
Description: svchost1860SRUJet: 0-1090[1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.031, [7] 0.000, [8] 0.000, [9] 0.015, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.
Error: (09/26/2013 02:15:56 PM) (Source: SampleCollector)(User: )
Description: write_samples::CreateFile: Failed with error 0x570: Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
Error: (09/26/2013 02:00:41 PM) (Source: ESENT)(User: )
Description: svchost1860SRUJet: 1451C:\Windows\system32\SRU\SRUDB.dat-510
Error: (09/26/2013 02:00:41 PM) (Source: ESENT)(User: )
Description: svchost1860SRUJet: C:\Windows\system32\SRU\
Error: (09/26/2013 02:00:41 PM) (Source: ESENT)(User: )
Description: svchost1860SRUJet: -1121
Error: (09/26/2013 02:00:41 PM) (Source: ESENT)(User: )
Description: svchost1860SRUJet: C:\Windows\system32\SRU\SRUtmp.log-1121 (0xfffffb9f)1392 (0x00000570)Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
Error: (09/26/2013 02:00:40 PM) (Source: ESENT)(User: )
Description: svchost1860SRUJet: -3271557C:\Windows\system32\SRU\SRUDB.dat8654059835
Error: (09/25/2013 10:35:56 PM) (Source: SampleCollector)(User: )
Description: write_samples::CreateFile: Failed with error 0x570: Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
==================== Memory info ===========================
Percentage of memory in use: 34%
Total physical RAM: 3975.27 MB
Available physical RAM: 2597.43 MB
Total Pagefile: 4807.27 MB
Available Pagefile: 3210.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:429.52 GB) (Free:299.88 GB) NTFS
Drive e: (INTENSO) (Removable) (Total:7.2 GB) (Free:1.04 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 86C5BCA7)
Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================ |