Leider habe ich nur noch die Log-Datei von Malware-Bytes: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 12.09.2014
Suchlauf-Zeit: 12:08:22
Logdatei: Logdatei.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.09.10.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Ursula
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 298458
Verstrichene Zeit: 17 Min, 14 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 7868, , [86c3b24d4832ff37b8821f79eb16c13f]
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 5
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, , [86c3b24d4832ff37b8821f79eb16c13f],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [4efb7c83a0da8bab29ed5ee14fb33ac6],
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, , [3019708fceacdb5bf0c2d8e73bc8aa56],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1679606836-2989269406-3342535892-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [4900a35cf8821620b7c1fd97a45ea759],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1679606836-2989269406-3342535892-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [76d3748b2c4e80b61cb23b6fa45fc739],
Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1679606836-2989269406-3342535892-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, , [76d3748b2c4e80b61cb23b6fa45fc739]
Registrierungsdaten: 2
Broken.OpenCommand, HKCR\scrfile\shell\open\command, NOTEPAD.EXE "Gut: ("Schlecht: (NOTEPAD.EXE "%1"),,[ffffffffffffffffffffffffffffffff]" /S)", %4, %5
Broken.OpenCommand, HKCR\regfile\shell\open\command, NOTEPAD.EXE "Gut: (regedit.exe "Schlecht: (NOTEPAD.EXE "%1"),,[ffffffffffffffffffffffffffffffff]")", %4, %5
Ordner: 0
(No malicious items detected)
Dateien: 17
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, , [86c3b24d4832ff37b8821f79eb16c13f],
PUP.Optional.OpenCandy, C:\Users\Ursula\AppData\Roaming\DVDVideoSoft\FreeYouTubeDownload.exe, , [6ddcde21403a320457b9371838c9827e],
PUP.Optional.OpenCandy, C:\Users\Ursula\Downloads\FreeYouTubeDownload-3.2.42.716.exe, , [60e947b87bff63d30d0380cfa25f56aa],
PUP.Optional.OpenCandy, C:\Users\Ursula\Downloads\FreeYouTubeToMP3Converter.exe, , [af9a639c25556ec89b7577d86b96e41c],
PUP.Optional.OpenCandy, C:\Users\Ursula\Downloads\cdbxp_setup_4.5.2.4214_minimal.exe, , [3712ad521466e05693b179f4f60add23],
PUP.Optional.Softonic, C:\Users\Ursula\Downloads\SoftonicDownloader_fuer_4free-video-converter.exe, , [4603748b611949edacf7d571827fac54],
PUP.Optional.Softonic.A, C:\Users\Ursula\Downloads\SoftonicDownloader_fuer_aurora-3d-text-logo-maker.exe, , [f653ea154535e353c43f075bf908cd33],
PUP.Optional.Softonic, C:\Users\Ursula\Downloads\SoftonicDownloader_fuer_free-screen-to-video (1).exe, , [cf7aed126d0df83e445f9caa03fe2cd4],
PUP.Optional.Softonic, C:\Users\Ursula\Downloads\SoftonicDownloader_fuer_free-screen-to-video.exe, , [0d3ccd3241395adc81229fa7bd44ac54],
PUP.Optional.Softonic, C:\Users\Ursula\Downloads\SoftonicDownloader_fuer_scribus.exe, , [c287a15ee3972a0cf6ad59ed857c20e0],
PUP.Optional.Softonic, C:\Users\Ursula\Downloads\SoftonicDownloader_fuer_videopad-video-editor.exe, , [6ddcf708423824122f7461e5847d45bb],
PUP.Optional.Bandoo, C:\Users\Ursula\Downloads\iLividSetup-r140-n-bi.exe, , [0b3eaf5058225fd7f8abba9141c0ce32],
PUP.Optional.InstallCore, C:\Users\Ursula\Downloads\ImageEditorSetup.exe, , [fb4e4db2c1b992a4386c5fb44bb926da],
PUP.Optional.RegCleanerPro, C:\Users\Ursula\Downloads\rcpsetupmarm1_marm1359828615de.exe, , [f0592cd3e5950036bb222d1f6a976898],
PUP.Optional.DownloadSponsor, C:\Users\Ursula\Downloads\animake.exe, , [c9807c8381f9f2443471d54dc1432fd1],
PUP.Optional.InstallCore, C:\Users\Ursula\Downloads\audacity203_install.exe, , [92b7a45b32482412d7e0d57cf30e5ca4],
PUP.Optional.OpenCandy, C:\Users\Ursula\Downloads\FreemakeVideoConverterSetup.exe, , [6bde619e087273c3a3fc6ae53ac7768a],
Physische Sektoren: 0
(No malicious items detected)
(end)
Hier noch die beiden LOGs vonFRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Ursula (administrator) on VAIOGIEBFRIED on 12-09-2014 14:01:16
Running from C:\Users\Ursula\Downloads
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc) C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\eexvlcbkbu64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
() C:\Program Files\005\vulsrsebjh64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AuthenTec Inc.) C:\Program Files\AuthenTec TrueSuite\TouchControl.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
() C:\Program Files\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\FotoSketcher\FotoSketcher.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(SmartDraw.com) C:\Program Files (x86)\SmartDraw 2008\SmartDraw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-11-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1218704 2012-11-08] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-01] (Synaptics Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1679606836-2989269406-3342535892-1002\...\Run: [MyTomTomSA.exe] => C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [455608 2013-05-23] (TomTom)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
Startup: C:\Users\Ursula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1410513535&from=cor&uid=WDCXWD10JPVT-55A1YT0_WD-WXE1A820131401314&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1410513535&from=cor&uid=WDCXWD10JPVT-55A1YT0_WD-WXE1A820131401314&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1C967162-EC6F-4CB4-B3AE-9346F0E17A70} URL = hxxp://search.softonic.com/MOY00465/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=ee5458ed000000000000c8f733924a36&r=593
SearchScopes: HKCU - {B95A190A-4567-4A10-88D0-5BA8B038CCFF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {E7FCF1D2-54F8-4C4F-88E9-D2FA5E4AD1CA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\AuthenTec TrueSuite\IEBHO.DLL (AuthenTec Inc.)
BHO-x32: No Name -> {66F57190-01EB-45A6-8260-7895267209F7} -> No File
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\AuthenTec TrueSuite\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: CouponDownloader -> {c817d3d8-b9da-521d-971d-2c0a747ea697} -> C:\Program Files\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\gohymlmtrh.dll No File
Toolbar: HKLM-x32 - No Name - {610AF794-9293-4129-9FAF-A81BBDFBFA14} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\AuthenTec TrueSuite\x86\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-08-01]
Chrome:
=======
CHR HomePage: Default -> 5D9BA6EBAD4D31AFB85312932BA6A616AB3B9424B8CE2E02064B364B9CBDA6FE
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1410513535&from=cor&uid=WDCXWD10JPVT-55A1YT0_WD-WXE1A820131401314"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-02]
CHR Extension: (Google Drive) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-02]
CHR Extension: (Adblock Plus) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-06]
CHR Extension: (Google-Suche) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-02]
CHR Extension: (Website Logon) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebojiegkcilcelpgibfpkjloejjoajhm [2014-01-02]
CHR Extension: (Polycraft) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2014-07-24]
CHR Extension: (Arcane Legends) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2014-05-07]
CHR Extension: (Google Wallet) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-02]
CHR Extension: (Google Mail) - C:\Users\Ursula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-02]
CHR HKLM-x32\...\Chrome\Extension: [ebojiegkcilcelpgibfpkjloejjoajhm] - C:\Program Files\AuthenTec TrueSuite\x86\tschrome.crx [2012-07-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CouponDownloaderService64; C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\eexvlcbkbu64.exe [172544 2014-07-25] () [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 FPLService; C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe [2125160 2012-07-17] (AuthenTec, Inc)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2014-01-02] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
R2 vulsrsebjh64; C:\Program Files\005\vulsrsebjh64.exe [709120 2014-08-17] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-12] (Fuyu LIMITED) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
S2 rqpbhevlkc64; C:\Program Files\004\rqpbhevlkc64.exe run options=01100010040000000000000000000000 sourceguid=A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-04-05] (EldoS Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-25] (NetFilterSDK.com)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-10] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-01] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
R1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64; C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [61120 2014-06-20] (StdLib)
S0 elhcvip; System32\drivers\vtii.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-12 14:01 - 2014-09-12 14:01 - 00023138 _____ () C:\Users\Ursula\Downloads\FRST.txt
2014-09-12 14:01 - 2014-09-12 14:01 - 00000000 ____D () C:\FRST
2014-09-12 14:00 - 2014-09-12 14:00 - 02105856 _____ (Farbar) C:\Users\Ursula\Downloads\FRST64.exe
2014-09-12 12:57 - 2014-09-12 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-09-12 12:51 - 2014-09-12 12:54 - 00000000 ____D () C:\Program Files\CouponDownloader
2014-09-12 12:51 - 2014-09-12 12:51 - 00544128 _____ () C:\WINDOWS\Minidump\091214-36671-01.dmp
2014-09-12 12:50 - 2014-09-12 12:50 - 817407679 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-12 12:08 - 2014-09-12 12:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 12:07 - 2014-09-12 12:07 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 12:07 - 2014-09-12 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 12:07 - 2014-09-12 12:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 12:07 - 2014-09-12 12:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-12 12:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-12 12:07 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-12 12:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-12 12:06 - 2014-09-12 12:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ursula\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-12 12:05 - 2014-09-12 12:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 12:04 - 2014-09-12 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ursula\Downloads\revosetup95.exe
2014-09-12 11:28 - 2014-09-12 11:29 - 11089381 _____ (Franzis Verlag GmbH ) C:\Users\Ursula\Downloads\CutOut-4-Demo.exe
2014-09-12 11:24 - 2014-09-12 11:24 - 00000000 ____D () C:\Users\Ursula\Documents\PC Speed Maximizer
2014-09-12 11:20 - 2014-09-12 11:20 - 00000000 ____D () C:\Users\Ursula\Downloads\CutOut3_Demo
2014-09-12 11:19 - 2014-09-12 11:19 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-12 11:19 - 2014-09-12 11:19 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-12 11:18 - 2014-09-12 11:26 - 00000000 ____D () C:\Users\Ursula\AppData\Roaming\sweet-page
2014-09-12 11:02 - 2014-09-12 11:02 - 00000000 ____D () C:\ProgramData\Xara
2014-09-12 10:42 - 2014-09-12 11:02 - 00000000 ____D () C:\Users\Ursula\AppData\Local\Xara
2014-09-12 10:42 - 2014-09-12 10:42 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-09-12 10:41 - 2014-09-12 11:16 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-09-12 10:41 - 2014-09-12 11:11 - 00000000 ____D () C:\ProgramData\MAGIX
2014-09-12 10:38 - 2014-09-12 10:38 - 00000316 _____ () C:\Users\Ursula\AppData\Roaming\FotoSketcher.ini
2014-09-12 10:35 - 2014-09-12 10:35 - 03032976 _____ (MAGIX Software GmbH) C:\Users\Ursula\Downloads\trial_fotografikdesigner10_dlm.exe
2014-09-12 10:17 - 2014-09-12 10:17 - 00001019 _____ () C:\Users\Public\Desktop\FotoSketcher.lnk
2014-09-12 10:17 - 2014-09-12 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoSketcher
2014-09-12 10:17 - 2014-09-12 10:17 - 00000000 ____D () C:\Program Files (x86)\FotoSketcher
2014-09-12 10:16 - 2014-09-12 10:16 - 05959972 _____ (David THOIRON ) C:\Users\Ursula\Downloads\FotoSketcher_2.96_setup.exe
2014-09-07 13:45 - 2014-09-07 13:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-09-07 13:45 - 2014-09-07 13:45 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-09-04 13:01 - 2014-09-04 13:01 - 00144760 _____ (Premium Installer ) C:\Users\Ursula\Downloads\Drivers_Setup.exe
2014-08-31 11:06 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-31 10:55 - 2014-09-01 18:27 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-08-31 10:55 - 2014-09-01 18:27 - 00000000 ____D () C:\Users\Gast
2014-08-31 10:55 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Packages
2014-08-31 10:55 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Packages
2014-08-31 10:55 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-08-26 10:26 - 2014-08-26 10:26 - 00000000 _____ () C:\autoexec.bat
2014-08-26 10:25 - 2014-08-26 12:33 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-25 21:34 - 2014-08-25 21:34 - 41000088 _____ () C:\Users\Ursula\Documents\müc kataloge jo 2014.sdr
2014-08-25 21:27 - 2014-09-04 13:04 - 41627812 _____ () C:\Users\Ursula\Documents\müc kataloge 2014 4.sdr
2014-08-25 16:28 - 2014-08-25 16:28 - 40425300 _____ () C:\Users\Ursula\Documents\müc kataloge 3.sdr
2014-08-25 16:09 - 2014-08-25 16:50 - 40422505 _____ () C:\Users\Ursula\Documents\müc kataloge 2.sdr
2014-08-25 14:39 - 2014-08-25 14:39 - 00002133 _____ () C:\Users\Ursula\AppData\Local\recently-used.xbel
2014-08-25 13:36 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-08-25 13:36 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-08-25 13:36 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-08-25 13:36 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-08-25 13:36 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-08-25 13:36 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-08-25 13:36 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-08-25 13:36 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-08-25 13:36 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-08-25 13:36 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-08-25 13:36 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-08-25 13:36 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-08-25 13:36 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-08-22 17:31 - 2014-08-22 17:31 - 00000000 ____D () C:\Users\Ursula\Downloads\Carrera Digital 132.Rennbahn.Auto.Aston Martin V12.Vantage GT3 eBay_files
2014-08-22 17:30 - 2014-08-22 17:30 - 00000000 ____D () C:\Users\Ursula\Downloads\Carrera Evolution 27447 Aston Martin V12 Vantage GT3 No. 007 NEU OVP eBay_files
2014-08-22 17:28 - 2014-08-22 17:28 - 00000000 ____D () C:\Users\Ursula\Downloads\Magnet Tuning für Carrera Evolution & Digital 132 +70% +90% zur Auswahl eBay_files
2014-08-22 16:40 - 2014-08-22 16:40 - 00003142 _____ () C:\WINDOWS\System32\Tasks\USER_ESRV_SVC
2014-08-22 16:40 - 2014-08-22 16:40 - 00002004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-08-22 16:40 - 2014-08-22 16:40 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-08-22 16:40 - 2014-08-22 16:39 - 00013792 _____ () C:\WINDOWS\system32\Drivers\semav6thermal64ro.sys
2014-08-22 16:32 - 2014-08-22 16:32 - 00000942 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-08-17 12:56 - 2014-08-17 12:56 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Ursula\Downloads\EASportsFIFAWorld.exe
2014-08-17 12:37 - 2014-08-17 12:37 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (4).rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat].rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (3).rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (2).rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (1).rar
2014-08-17 12:28 - 2014-08-17 12:28 - 00003334 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-17 12:26 - 2014-08-17 12:28 - 00000000 ____D () C:\Program Files\005
2014-08-17 12:26 - 2014-08-17 12:26 - 00532032 _____ (Popeler.-.Installer · sl) C:\Users\Ursula\Downloads\videoplayer.exe
2014-08-17 12:23 - 2014-08-17 12:23 - 00464384 _____ (Microsoft) C:\Users\Ursula\Downloads\FIFA World Coins Hack - UPDATED v1.2 (2).exe
2014-08-17 12:22 - 2014-08-17 12:22 - 00464384 _____ (Microsoft) C:\Users\Ursula\Downloads\FIFA World Coins Hack - UPDATED v1.2.exe
2014-08-17 12:22 - 2014-08-17 12:22 - 00464384 _____ (Microsoft) C:\Users\Ursula\Downloads\FIFA World Coins Hack - UPDATED v1.2 (1).exe
2014-08-17 11:42 - 2014-09-12 11:45 - 00000000 ____D () C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
2014-08-17 11:41 - 2014-08-17 11:41 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-17 11:40 - 2014-08-17 12:31 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-08-17 11:31 - 2014-08-17 11:31 - 00004038 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-17 11:28 - 2014-08-17 11:28 - 00362664 _____ () C:\Users\Ursula\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2014-08-15 20:25 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-15 20:25 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 20:01 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-08-15 19:58 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 19:58 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 19:50 - 2014-08-07 08:33 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 19:50 - 2014-08-07 05:09 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 19:50 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 19:50 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 19:50 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 19:50 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 19:50 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 19:50 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-08-15 19:50 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 19:50 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-08-15 19:50 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 19:50 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 19:50 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 19:50 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 19:50 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-08-15 19:50 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 19:50 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 19:50 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 19:50 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 19:49 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 19:49 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 19:49 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 19:49 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-08-15 19:49 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 19:49 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 19:49 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 19:49 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 19:49 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 19:49 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 19:49 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 19:49 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 19:49 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 19:49 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 19:49 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-08-15 19:48 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2014-08-15 19:48 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-08-15 19:43 - 2014-08-15 19:43 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-15 19:01 - 2014-08-15 19:01 - 00138101 _____ () C:\Users\Ursula\Downloads\lg g3 32gb eBay.htm
2014-08-15 19:01 - 2014-08-15 19:01 - 00000000 ____D () C:\Users\Ursula\Downloads\lg g3 32gb eBay_files
2014-08-15 19:00 - 2014-08-15 19:00 - 00000000 ____D () C:\Users\Ursula\Downloads\lg g3 eBay_files
2014-08-15 18:59 - 2014-08-15 19:00 - 00254675 _____ () C:\Users\Ursula\Downloads\lg g3 eBay.htm
2014-08-15 18:52 - 2014-08-15 18:52 - 00214888 _____ () C:\Users\Ursula\Downloads\samsung galaxy tab s eBay.htm
2014-08-15 18:52 - 2014-08-15 18:52 - 00000000 ____D () C:\Users\Ursula\Downloads\samsung galaxy tab s eBay_files
2014-08-15 18:49 - 2014-08-15 18:49 - 00080896 _____ () C:\Users\Ursula\Downloads\OnePlus One Sandstone Black 64 GB deutsche Version in Nordrhein-Westfalen - Bad Driburg Telefon gebraucht kaufen eBay Kleinanzeigen.htm
2014-08-15 18:49 - 2014-08-15 18:49 - 00059468 _____ () C:\Users\Ursula\Downloads\OnePlus One.htm
2014-08-15 18:49 - 2014-08-15 18:49 - 00000000 ____D () C:\Users\Ursula\Downloads\OnePlus One_files
2014-08-15 18:49 - 2014-08-15 18:49 - 00000000 ____D () C:\Users\Ursula\Downloads\OnePlus One Sandstone Black 64 GB deutsche Version in Nordrhein-Westfalen - Bad Driburg Telefon gebraucht kaufen eBay Kleinanzeigen_files
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-12 14:01 - 2014-09-12 14:01 - 00023138 _____ () C:\Users\Ursula\Downloads\FRST.txt
2014-09-12 14:01 - 2014-09-12 14:01 - 00000000 ____D () C:\FRST
2014-09-12 14:00 - 2014-09-12 14:00 - 02105856 _____ (Farbar) C:\Users\Ursula\Downloads\FRST64.exe
2014-09-12 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-12 13:59 - 2013-01-24 17:34 - 00000000 ____D () C:\ProgramData\MOCP
2014-09-12 13:43 - 2013-06-28 20:02 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-12 13:02 - 2013-01-24 17:01 - 01366802 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-12 12:58 - 2013-06-28 19:56 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1679606836-2989269406-3342535892-1002
2014-09-12 12:57 - 2014-09-12 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-12 12:54 - 2014-09-12 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-09-12 12:54 - 2014-09-12 12:51 - 00000000 ____D () C:\Program Files\CouponDownloader
2014-09-12 12:53 - 2013-08-27 13:29 - 00000492 _____ () C:\WINDOWS\Tasks\SDMsgUpdate (SD).job
2014-09-12 12:53 - 2013-06-28 20:02 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 12:51 - 2014-09-12 12:51 - 00544128 _____ () C:\WINDOWS\Minidump\091214-36671-01.dmp
2014-09-12 12:51 - 2014-07-13 13:54 - 00405128 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-12 12:51 - 2013-09-07 16:14 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-12 12:51 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-12 12:50 - 2014-09-12 12:50 - 817407679 _____ () C:\WINDOWS\MEMORY.DMP
2014-09-12 12:50 - 2012-08-03 04:22 - 00096058 _____ () C:\WINDOWS\PFRO.log
2014-09-12 12:38 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\Registration
2014-09-12 12:08 - 2014-09-12 12:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 12:07 - 2014-09-12 12:07 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 12:07 - 2014-09-12 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 12:07 - 2014-09-12 12:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 12:07 - 2014-09-12 12:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-12 12:07 - 2014-09-12 12:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ursula\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-12 12:07 - 2014-09-12 12:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-12 12:04 - 2014-09-12 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ursula\Downloads\revosetup95.exe
2014-09-12 11:45 - 2014-08-17 11:42 - 00000000 ____D () C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
2014-09-12 11:36 - 2013-03-04 18:27 - 00000000 ____D () C:\Users\Ursula\Documents\Jonathan
2014-09-12 11:29 - 2014-09-12 11:28 - 11089381 _____ (Franzis Verlag GmbH ) C:\Users\Ursula\Downloads\CutOut-4-Demo.exe
2014-09-12 11:26 - 2014-09-12 11:18 - 00000000 ____D () C:\Users\Ursula\AppData\Roaming\sweet-page
2014-09-12 11:26 - 2014-01-02 19:20 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 11:24 - 2014-09-12 11:24 - 00000000 ____D () C:\Users\Ursula\Documents\PC Speed Maximizer
2014-09-12 11:20 - 2014-09-12 11:20 - 00000000 ____D () C:\Users\Ursula\Downloads\CutOut3_Demo
2014-09-12 11:19 - 2014-09-12 11:19 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-12 11:19 - 2014-09-12 11:19 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-12 11:16 - 2014-09-12 10:41 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-09-12 11:11 - 2014-09-12 10:41 - 00000000 ____D () C:\ProgramData\MAGIX
2014-09-12 11:02 - 2014-09-12 11:02 - 00000000 ____D () C:\ProgramData\Xara
2014-09-12 11:02 - 2014-09-12 10:42 - 00000000 ____D () C:\Users\Ursula\AppData\Local\Xara
2014-09-12 11:02 - 2013-12-22 17:52 - 00000000 ____D () C:\Users\Ursula\AppData\Roaming\MAGIX
2014-09-12 11:02 - 2013-03-11 20:19 - 00134656 ___SH () C:\Users\Ursula\Documents\Thumbs.db
2014-09-12 10:42 - 2014-09-12 10:42 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-09-12 10:41 - 2013-08-23 19:56 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-09-12 10:38 - 2014-09-12 10:38 - 00000316 _____ () C:\Users\Ursula\AppData\Roaming\FotoSketcher.ini
2014-09-12 10:35 - 2014-09-12 10:35 - 03032976 _____ (MAGIX Software GmbH) C:\Users\Ursula\Downloads\trial_fotografikdesigner10_dlm.exe
2014-09-12 10:17 - 2014-09-12 10:17 - 00001019 _____ () C:\Users\Public\Desktop\FotoSketcher.lnk
2014-09-12 10:17 - 2014-09-12 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoSketcher
2014-09-12 10:17 - 2014-09-12 10:17 - 00000000 ____D () C:\Program Files (x86)\FotoSketcher
2014-09-12 10:16 - 2014-09-12 10:16 - 05959972 _____ (David THOIRON ) C:\Users\Ursula\Downloads\FotoSketcher_2.96_setup.exe
2014-09-12 10:13 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-12 10:09 - 2013-01-24 16:33 - 00924910 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-12 10:09 - 2013-01-24 16:33 - 00205942 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-12 10:09 - 2012-07-26 09:28 - 00005426 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-12 10:07 - 2012-07-26 09:21 - 00070654 _____ () C:\WINDOWS\setupact.log
2014-09-12 10:05 - 2013-03-07 17:49 - 00076288 ___SH () C:\Users\Ursula\Desktop\Thumbs.db
2014-09-12 10:02 - 2013-08-01 12:10 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-11 16:31 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-09-08 03:12 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-07 13:45 - 2014-09-07 13:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-09-07 13:45 - 2014-09-07 13:45 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-09-07 13:45 - 2013-01-24 16:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-06 21:45 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-04 19:24 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-04 18:39 - 2013-01-24 16:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-04 18:18 - 2013-09-18 19:41 - 00000000 ____D () C:\WINDOWS\system32\config\SM Registry Backup
2014-09-04 14:49 - 2013-07-30 09:48 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-04 14:42 - 2012-07-26 07:26 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-04 14:39 - 2013-06-28 20:39 - 00000000 ____D () C:\Users\Ursula\Tracing
2014-09-04 13:53 - 2013-09-02 15:47 - 00000000 ____D () C:\Users\Ursula\AppData\Local\CUSTPDF Writer
2014-09-04 13:04 - 2014-08-25 21:27 - 41627812 _____ () C:\Users\Ursula\Documents\müc kataloge 2014 4.sdr
2014-09-04 13:01 - 2014-09-04 13:01 - 00144760 _____ (Premium Installer ) C:\Users\Ursula\Downloads\Drivers_Setup.exe
2014-09-01 18:27 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-01 18:27 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\Gast
2014-08-31 23:00 - 2013-07-30 09:48 - 00000000 ____D () C:\ProgramData\Origin
2014-08-31 22:48 - 2014-06-10 11:20 - 00000000 ____D () C:\Users\Ursula\Documents\FIFA World
2014-08-31 21:00 - 2013-11-06 15:31 - 00000000 ____D () C:\AdwCleaner
2014-08-31 10:55 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Packages
2014-08-31 10:55 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Packages
2014-08-31 10:55 - 2014-08-31 10:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2014-08-31 10:55 - 2013-03-01 12:41 - 00000000 ____D () C:\Update
2014-08-31 10:55 - 2012-08-03 04:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2014-08-31 10:54 - 2013-01-24 16:34 - 00000000 ____D () C:\Program Files\Sony
2014-08-26 22:41 - 2013-01-24 17:05 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-26 12:33 - 2014-08-26 10:25 - 00000000 ____D () C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-08-26 12:33 - 2013-08-25 18:28 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-08-26 10:26 - 2014-08-26 10:26 - 00000000 _____ () C:\autoexec.bat
2014-08-25 21:34 - 2014-08-25 21:34 - 41000088 _____ () C:\Users\Ursula\Documents\müc kataloge jo 2014.sdr
2014-08-25 18:28 - 2013-09-02 12:44 - 40426244 _____ () C:\Users\Ursula\Documents\müc kataloge.sdr
2014-08-25 16:50 - 2014-08-25 16:09 - 40422505 _____ () C:\Users\Ursula\Documents\müc kataloge 2.sdr
2014-08-25 16:28 - 2014-08-25 16:28 - 40425300 _____ () C:\Users\Ursula\Documents\müc kataloge 3.sdr
2014-08-25 14:42 - 2014-08-04 11:51 - 00000000 ____D () C:\Users\Ursula\.gimp-2.8
2014-08-25 14:39 - 2014-08-25 14:39 - 00002133 _____ () C:\Users\Ursula\AppData\Local\recently-used.xbel
2014-08-25 14:39 - 2014-08-08 10:29 - 00000000 ____D () C:\Users\Ursula\AppData\Local\gtk-2.0
2014-08-23 08:47 - 2014-08-31 11:06 - 04036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 17:31 - 2014-08-22 17:31 - 00000000 ____D () C:\Users\Ursula\Downloads\Carrera Digital 132.Rennbahn.Auto.Aston Martin V12.Vantage GT3 eBay_files
2014-08-22 17:30 - 2014-08-22 17:30 - 00000000 ____D () C:\Users\Ursula\Downloads\Carrera Evolution 27447 Aston Martin V12 Vantage GT3 No. 007 NEU OVP eBay_files
2014-08-22 17:28 - 2014-08-22 17:28 - 00000000 ____D () C:\Users\Ursula\Downloads\Magnet Tuning für Carrera Evolution & Digital 132 +70% +90% zur Auswahl eBay_files
2014-08-22 16:41 - 2013-01-24 16:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-22 16:40 - 2014-08-22 16:40 - 00003142 _____ () C:\WINDOWS\System32\Tasks\USER_ESRV_SVC
2014-08-22 16:40 - 2014-08-22 16:40 - 00002004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care (Desktop).lnk
2014-08-22 16:40 - 2014-08-22 16:40 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-08-22 16:40 - 2013-01-24 17:07 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Sony Corporation
2014-08-22 16:40 - 2013-01-24 17:07 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-08-22 16:39 - 2014-08-22 16:40 - 00013792 _____ () C:\WINDOWS\system32\Drivers\semav6thermal64ro.sys
2014-08-22 16:32 - 2014-08-22 16:32 - 00000942 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-08-22 16:32 - 2013-01-24 16:39 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-08-17 12:56 - 2014-08-17 12:56 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Ursula\Downloads\EASportsFIFAWorld.exe
2014-08-17 12:54 - 2013-07-30 09:49 - 00000000 ____D () C:\Users\Ursula\AppData\Roaming\Origin
2014-08-17 12:37 - 2014-08-17 12:37 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (4).rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat].rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (3).rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (2).rar
2014-08-17 12:36 - 2014-08-17 12:36 - 00055893 _____ () C:\Users\Ursula\Downloads\FIFA WORLD Coins Generator 2014 [hack tool cheat] (1).rar
2014-08-17 12:31 - 2014-08-17 11:40 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-08-17 12:28 - 2014-08-17 12:28 - 00003334 _____ () C:\WINDOWS\System32\Tasks\ASP
2014-08-17 12:28 - 2014-08-17 12:26 - 00000000 ____D () C:\Program Files\005
2014-08-17 12:26 - 2014-08-17 12:26 - 00532032 _____ (Popeler.-.Installer · sl) C:\Users\Ursula\Downloads\videoplayer.exe
2014-08-17 12:23 - 2014-08-17 12:23 - 00464384 _____ (Microsoft) C:\Users\Ursula\Downloads\FIFA World Coins Hack - UPDATED v1.2 (2).exe
2014-08-17 12:22 - 2014-08-17 12:22 - 00464384 _____ (Microsoft) C:\Users\Ursula\Downloads\FIFA World Coins Hack - UPDATED v1.2.exe
2014-08-17 12:22 - 2014-08-17 12:22 - 00464384 _____ (Microsoft) C:\Users\Ursula\Downloads\FIFA World Coins Hack - UPDATED v1.2 (1).exe
2014-08-17 11:41 - 2014-08-17 11:41 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-08-17 11:40 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-08-17 11:40 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-08-17 11:31 - 2014-08-17 11:31 - 00004038 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-17 11:28 - 2014-08-17 11:28 - 00362664 _____ () C:\Users\Ursula\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2014-08-17 08:36 - 2014-05-04 18:26 - 00000000 ____D () C:\Users\Ursula\Desktop\The Great Controversy
2014-08-15 20:22 - 2014-07-13 13:53 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 20:22 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-15 19:54 - 2013-07-10 15:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-15 19:51 - 2013-11-22 13:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 19:51 - 2013-06-30 16:24 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-15 19:48 - 2013-11-06 15:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-15 19:45 - 2014-02-18 16:08 - 00001030 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-15 19:43 - 2014-08-15 19:43 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-15 19:01 - 2014-08-15 19:01 - 00138101 _____ () C:\Users\Ursula\Downloads\lg g3 32gb eBay.htm
2014-08-15 19:01 - 2014-08-15 19:01 - 00000000 ____D () C:\Users\Ursula\Downloads\lg g3 32gb eBay_files
2014-08-15 19:00 - 2014-08-15 19:00 - 00000000 ____D () C:\Users\Ursula\Downloads\lg g3 eBay_files
2014-08-15 19:00 - 2014-08-15 18:59 - 00254675 _____ () C:\Users\Ursula\Downloads\lg g3 eBay.htm
2014-08-15 18:52 - 2014-08-15 18:52 - 00214888 _____ () C:\Users\Ursula\Downloads\samsung galaxy tab s eBay.htm
2014-08-15 18:52 - 2014-08-15 18:52 - 00000000 ____D () C:\Users\Ursula\Downloads\samsung galaxy tab s eBay_files
2014-08-15 18:49 - 2014-08-15 18:49 - 00080896 _____ () C:\Users\Ursula\Downloads\OnePlus One Sandstone Black 64 GB deutsche Version in Nordrhein-Westfalen - Bad Driburg Telefon gebraucht kaufen eBay Kleinanzeigen.htm
2014-08-15 18:49 - 2014-08-15 18:49 - 00059468 _____ () C:\Users\Ursula\Downloads\OnePlus One.htm
2014-08-15 18:49 - 2014-08-15 18:49 - 00000000 ____D () C:\Users\Ursula\Downloads\OnePlus One_files
2014-08-15 18:49 - 2014-08-15 18:49 - 00000000 ____D () C:\Users\Ursula\Downloads\OnePlus One Sandstone Black 64 GB deutsche Version in Nordrhein-Westfalen - Bad Driburg Telefon gebraucht kaufen eBay Kleinanzeigen_files
Some content of TEMP:
====================
C:\Users\Ursula\AppData\Local\Temp\ICReinstall_CutOut_3_0.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-06 03:10
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Ursula at 2014-09-12 14:02:02
Running from C:\Users\Ursula\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audacity Packages (HKCU\...\Audacity Packages) (Version: - ) <==== ATTENTION
Aurora 3D Text & Logo Maker version 13.06.25 (HKLM-x32\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 13.06.25 - Aurora3D Software)
AuthenTec TrueSuite (HKLM\...\{B54E0BD4-0079-4AE1-831C-A7CB9F4D569D}) (Version: 6.0.400.35 - AuthenTec, Inc.)
AuthenTec WinBio FingerPrint Software 64-bit (HKLM\...\{E33003B9-6A0D-4126-BD67-6FC62D643501}) (Version: 3.4.0.1009 - AuthenTec, Inc.)
Blender (HKLM\...\Blender) (Version: 2.65-release - Blender Foundation)
Blue Byte Game Channel (HKLM-x32\...\Blue Byte Game Channel) (Version: - UbiSoft)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6426.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FotoSketcher 2.96 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON)
Free Screen Video Recorder version 2.5.31.1029 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 2.5.31.1029 - DVDVideoSoft Ltd.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.42.716 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.42.716 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.0.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.2 - Ellora Assets Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iClone v4.3 PRO (HKLM-x32\...\{7430B12A-3B67-4191-B0C5-59E57344CB1F}) (Version: 4.3.1929.1 - Reallusion Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 12.5.0 - iolo technologies, LLC)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.)
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyTomTom 3.2.0.1116 (HKLM-x32\...\MyTomTom) (Version: 3.2.0.1116 - TomTom)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{52F02F20-77E1-41A6-9758-7C8751D880A2}) (Version: 1.4.0 - OLYMPUS IMAGING CORP.)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartDraw 2008 (HKLM-x32\...\SmartDraw 2008) (Version: 8.00 - SmartDraw.com)
SmartDraw PDF Filter (HKLM\...\SmartDraw PDF Filter) (Version: - )
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.3 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.2.11280 - Sony Corporation)
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.2.00.07040 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.2.00.07040 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1679606836-2989269406-3342535892-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()
==================== Restore Points =========================
04-09-2014 16:38:18 iolo Designated Drivers Pre-Update Restore Point (C723DC)
04-09-2014 16:38:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02E75291-E200-4338-9508-8169370C1379} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {0A6E9B55-CFF4-4C3F-A243-8F410855F2C0} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-29] (Sony Corporation)
Task: {0C3FDE25-B1E1-4C99-8165-DAC039CCEC3C} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {0ECE0A8E-775E-40AC-A599-997CDA073811} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {120494D0-19BF-4D7E-801A-14A97E5F7D74} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1339FB0A-8B70-4E35-8A0E-14CE0C3C74E2} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1E6C4BDE-F726-48E5-85DB-465AEE460119} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {1F459A20-16A2-480A-BE01-B8816DD50445} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {204B4846-6D5D-4053-8A63-6AF0F527112D} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2734E00B-02C0-49B4-8EEB-0F95DB150FFB} - \BlockAndSurf Update No Task File <==== ATTENTION
Task: {279E9EDF-CC93-400D-B0AB-FEB01132B408} - \DSite No Task File <==== ATTENTION
Task: {2EE4C442-A6BB-4C54-8D18-0BE04B23A089} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {3BCCD765-0F47-4080-99F9-6B1CD6D975FF} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {467D194D-A438-4389-AEC3-EE3F3E5D9336} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {47301783-496F-46BB-B852-7781BD7421EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)
Task: {4C336709-84F8-452D-A025-2DEE265A6655} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {5AA07829-4A0E-4046-9514-E4CE887D1D4E} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {5EBB9E53-33F8-4D5F-A8FD-584C23F00737} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {614EE22A-959D-4FC5-92D4-1492D7B35A9C} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {67D77409-A8F6-44C0-8D6C-BBA6C8AE9E08} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {6D087DAE-C744-4A30-99B0-5F684290B365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-28] (Google Inc.)
Task: {7820B52A-C4FD-4B67-8A2C-2FA9CABE3064} - \Dealply No Task File <==== ATTENTION
Task: {7931EECE-567B-4F7D-8346-680888E2114A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {798CAD85-BFB8-4830-84F4-F2EC45AC6F8C} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {7C383574-5971-4ED9-815B-9D117770136E} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {8515431D-76CB-4413-A586-F1EF765CBC1F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-15] (Microsoft Corporation)
Task: {866667D9-69CE-4395-A508-8775E8ADFF19} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {90EEC8AE-47E6-4E91-802D-B30384D7AA61} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {97291776-3EBE-469E-920A-1D50CF33AA6F} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {985F30FB-E254-4F7B-B372-1CB584B2B1E4} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {9A0CDBBD-B7E8-409F-9A47-EFA449A2C5E7} - \EPUpdater No Task File <==== ATTENTION
Task: {9E275D7F-6AC1-40BA-A69E-319F3F94E72A} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {A215177F-253E-4A0A-8A89-56DD6A578FA4} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ACCBBA97-EDC9-4342-8ACC-DE3618275AB0} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {AEFAEE0F-801B-46B5-9964-E03DCEAA7B89} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {B6653ABB-3108-4FC8-A300-D03BC015A5B0} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {B7C6B110-1636-4390-8E63-F4D97625C79B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {B7FAD82F-FC44-43E3-998B-5B10AE93CB79} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2014-01-02] (iolo technologies, LLC)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CC03BC7A-3AC0-44EF-9121-5822CE3D3CC2} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {D5B96805-0135-42CD-AB8D-DFBDB439EC95} - \BlockAndSurf_wd No Task File <==== ATTENTION
Task: {DB294508-DBE5-4205-8863-AEDF8DA156BD} - System32\Tasks\SDMsgUpdate (SD) => C:\Program Files (x86)\SmartDraw 2008\Messages\SDNotify.exe [2007-08-06] ()
Task: {DB856AD3-4054-4092-A06A-B18A958DACF1} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\WINDOWS\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {DD745E6A-CB9F-46E2-9C4D-94007F9A16E3} - System32\Tasks\ASP => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F478A0B5-BCFF-459F-9752-A1924EF9FE04} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SDMsgUpdate (SD).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-01-24 16:50 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-02 12:47 - 2008-11-19 16:02 - 00087040 _____ () C:\WINDOWS\System32\custmon64.dll
2014-07-25 16:03 - 2014-07-25 16:03 - 00172544 _____ () C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\eexvlcbkbu64.exe
2014-07-25 16:03 - 2014-07-25 16:03 - 00110080 _____ () C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\nfapi.dll
2014-07-25 16:03 - 2014-07-25 16:03 - 00456192 _____ () C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E\ProtocolFilters.dll
2014-08-17 12:28 - 2014-08-17 12:28 - 00709120 _____ () C:\Program Files\005\vulsrsebjh64.exe
2012-07-17 03:52 - 2012-07-17 03:52 - 01136488 _____ () C:\Program Files\AuthenTec TrueSuite\DataManager.dll
2012-07-17 03:52 - 2012-07-17 03:52 - 00087400 _____ () C:\Program Files\AuthenTec TrueSuite\ssutil.dll
2012-07-17 03:53 - 2012-07-17 03:53 - 04122984 _____ () C:\Program Files\AuthenTec TrueSuite\x86\IEWebSiteLogon.exe
2012-08-21 21:01 - 2012-08-21 03:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-12 10:17 - 2014-09-10 21:25 - 05612544 _____ () C:\Program Files (x86)\FotoSketcher\FotoSketcher.exe
2012-07-17 03:53 - 2012-07-17 03:53 - 00905064 _____ () C:\Program Files\AuthenTec TrueSuite\x86\DataManager.dll
2013-01-24 17:43 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-08-27 13:23 - 2007-08-29 16:40 - 00823296 _____ () C:\Program Files (x86)\SmartDraw 2008\SDW.dll
2013-08-27 13:23 - 2007-04-06 10:44 - 00315392 _____ () C:\Program Files (x86)\SmartDraw 2008\PDV.dll
2013-08-27 13:23 - 2007-08-30 17:19 - 01212416 _____ () C:\Program Files (x86)\SmartDraw 2008\SDData.dll
2014-09-07 03:45 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-07 03:45 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-07 03:45 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-07 03:45 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-07 03:45 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKCU\...\StartupApproved\Run: => "MyTomTomSA.exe"
HKCU\...\StartupApproved\Run: => "EADM"
==================== Faulty Device Manager Devices =============
Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/12/2014 01:51:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:51:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:36:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:36:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:21:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:21:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:06:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „BD9B8345.VAIOMessageCenter_05bme2bjq6sag!SonyCorporation.VAIOMessageCenter“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:06:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:06:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/12/2014 01:06:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VAIOgiebfried)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
System errors:
=============
Error: (09/12/2014 01:51:09 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/12/2014 01:51:09 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/12/2014 01:36:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/12/2014 01:36:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: SonyCorporation.VAIOMessageCenter.AppXcw4wkrn4nzfb9qf57nfr2brnandry2av.wwa
Error: (09/12/2014 01:21:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/12/2014 01:21:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/12/2014 01:06:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/12/2014 01:06:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: SonyCorporation.VAIOMessageCenter.AppXcw4wkrn4nzfb9qf57nfr2brnandry2av.wwa
Error: (09/12/2014 01:06:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/12/2014 01:06:08 PM) (Source: DCOM) (EventID: 10010) (User: VAIOgiebfried)
Description: AppexFinance.AppXt2b0qt8jwqketvnyx02s765gyw55jaq6.mca
Microsoft Office Sessions:
=========================
Error: (06/20/2014 00:00:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 778 seconds with 480 seconds of active time. This session ended with a crash.
Error: (06/20/2014 11:46:53 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6666 seconds with 2340 seconds of active time. This session ended with a crash.
Error: (01/26/2014 09:31:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 44 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 38%
Total physical RAM: 8071.27 MB
Available physical RAM: 4987.25 MB
Total Pagefile: 16263.27 MB
Available Pagefile: 13025.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:895.1 GB) (Free:643.65 GB) NTFS
Drive d: (The Great Controversy) (CDROM) (Total:6.5 GB) (Free:0 GB) UDF
Drive h: () (Removable) (Total:29.71 GB) (Free:0.35 GB) FAT32
Drive i: () (Removable) (Total:7.5 GB) (Free:0.44 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3C079283)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 5 (Size: 29.7 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
Hinweis: 
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
