Ständig öffnen sich Inet Seiten und kriege eine Fehlermeldung

Amistade · 29.08.2014, 19:08

Hi @all,
ich habe mir Anfang des Jahres ein neues Noti zugelegt. Nachdem ich Firefox drauf geladen habe fing der ärger mit den Inet Seiten an.
Ich habe dann FF wieder runter geworfen und auch Programme die scheinbar sich mit auf das Noti geladen haben. Nun kommt ständig eine Fehlermeldung und es öffnen sich immer noch ungefragt Seiten.
Ich habe ein Sony Vaio mit Windows 8.1 das Noti ist im Moment nicht auf dem aktuellen Stand weil ich die Lust dran verloren habe.
Würde mich freuen wenn mir jemand helfen kann

Gruß
Ami

deeprybka · 29.08.2014, 20:00

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Amistade · 29.08.2014, 22:42

Hallo Jürgen,
ich habe wie von Dir gefordert das Programm runter geladen.
Der Scan startete und dann ist der Rechner runter gefahren. Jetzt seh ich nicht ob er den Scan macht

Ich finde es auch nicht

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-08-2014 01
Ran by Sylvia (administrator) on ARWENABENDSTERN on 29-08-2014 23:30:01
Running from C:\Users\Sylvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETCL89X8
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\nethtsrv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\netupdsrv.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Iminent\WinkHandler.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Iminent\WinkHandler.exe
() C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
(Microsoft Corporation) C:\Windows\System32\CheckNetIsolation.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Show-Password-soft\Show-Password157.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(videohq) C:\Program Files (x86)\video-high\video-high-bg.exe
(AmiExt ltd. ) C:\Program Files (x86)\AmiExt\flashEnhancer\ie\AmiStorage.exe
(Conduit Ltd.) C:\Users\Sylvia\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-07] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [764096 2014-03-18] ()
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
HKLM-x32\...\RunOnce: [SPUpdSentinel] => C:\Program Files (x86)\Common Files\Umbrella\Umbrella_bkp.exe [3088192 2014-06-16] (Iminent)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-03] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {149B9D03-DDD0-4340-80E9-0F77A48705E5} URL = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {149B9D03-DDD0-4340-80E9-0F77A48705E5} URL = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394402936&from=amt&uid=TOSHIBAXMQ01ABF050_Y3ANC580TXXY3ANC580T&q={searchTerms}
SearchScopes: HKCU - {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: video-high -> {11111111-1111-1111-1111-110511291122} -> C:\Program Files (x86)\video-high\video-high-bho64.dll (videohq)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ValueApps -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: video-high -> {11111111-1111-1111-1111-110511291122} -> C:\Program Files (x86)\video-high\video-high-bho.dll (videohq)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Rich Media View -> {2568d901-3e9f-4f19-808c-7c65220fb019} -> C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release179\ie\RichMediaViewV1release179.dll ()
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: flash-Enhancer -> {5A60B6BB-FA81-4EFA-AB9C-A820E2143736} -> C:\Program Files (x86)\AmiExt\flashEnhancer\ie\flashEnhancer.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: ValueApps -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> C:\Program Files (x86)\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Extension: Widget context - C:\Users\Sylvia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-04-18]
FF HKLM-x32\...\Firefox\Extensions: [ext@flashenhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff
FF Extension: flash-Enhancer - C:\Program Files (x86)\AmiExt\flashEnhancer\ff [2014-03-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release179.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release179\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release179\ff [2014-05-18]
FF HKCU\...\Firefox\Extensions: [{bd11e2a2-6c73-46d1-9481-1f54f0163b2b}] - C:\Program Files (x86)\Show-Password-soft\157.xpi

Chrome: 
=======
CHR Profile: C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (video-high) - C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\egihcegngbfhhhnfjfamognnonckdklg [2014-04-18]
CHR Extension: (Widget context) - C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-04-13]
CHR HKLM-x32\...\Chrome\Extension: [cgbealecnakbhfoeeipcnoboempfkbjd] - C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" [2014-01-12]
CHR HKLM-x32\...\Chrome\Extension: [phlmdnpabaodmghcjekohpnnhdlhflah] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release179\ch\RichMediaViewV1release179.crx [2014-05-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 NetHttpService; C:\Windows\SysWOW64\nethtsrv.exe [180224 2014-06-16] () [File not signed]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639584 2013-02-05] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [159744 2014-06-16] () [File not signed]
R2 Show-Password; C:\Program Files (x86)\Show-Password-soft\Show-Password157.exe [194560 2014-03-10] () [File not signed]
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe [3088192 2014-06-16] (Iminent)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 WinkHandler; C:\Program Files (x86)\Iminent\WinkHandler.exe [425792 2014-02-25] ()
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-03-10] (Cherished Technololgy LIMITED) [File not signed]
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 Update melondrea; "C:\Program Files (x86)\melondrea\updatemelondrea.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R1 nethfdrv; C:\Windows\system32\drivers\nethfdrv.sys [46160 2014-06-16] (nethfdrv)
R1 {c047df5e-0fda-4055-b5db-a96a8a34a094}Gw64; C:\Windows\System32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw64.sys [61112 2014-05-03] (StdLib)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:44 - 2014-08-29 21:44 - 00000687 _____ () C:\awh53B5.tmp
2014-08-29 21:35 - 2014-08-29 23:30 - 00000000 ____D () C:\FRST
2014-08-29 19:58 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-29 19:58 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-29 19:57 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 23:30 - 2014-08-29 21:35 - 00000000 ____D () C:\FRST
2014-08-29 23:21 - 2014-01-16 11:47 - 01535920 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 23:08 - 2014-03-10 00:07 - 00000448 _____ () C:\Windows\Tasks\Show-Password_wd.job
2014-08-29 23:04 - 2014-03-10 00:04 - 00003122 _____ () C:\Windows\Tasks\video-high-chromeinstaller.job
2014-08-29 23:04 - 2014-03-10 00:04 - 00002562 _____ () C:\Windows\Tasks\video-high-firefoxinstaller.job
2014-08-29 23:00 - 2014-03-10 00:13 - 00000312 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-08-29 23:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-29 22:57 - 2014-03-10 00:07 - 00000442 _____ () C:\Windows\Tasks\Show-Password Update.job
2014-08-29 22:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:48 - 2014-03-10 00:13 - 00000306 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-08-29 21:47 - 2014-03-10 00:02 - 00000000 ____D () C:\Users\Sylvia\AppData\Roaming\System Speedup
2014-08-29 21:46 - 2014-03-10 00:02 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-08-29 21:46 - 2014-01-16 11:36 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-08-29 21:46 - 2014-01-16 11:36 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-08-29 21:46 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-29 21:44 - 2014-08-29 21:44 - 00000687 _____ () C:\awh53B5.tmp
2014-08-29 21:44 - 2014-03-10 00:06 - 00000348 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-08-29 21:44 - 2014-03-10 00:04 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-29 21:39 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 21:38 - 2014-03-10 00:01 - 00000000 ____D () C:\Program Files (x86)\melondrea
2014-08-29 21:38 - 2012-08-03 04:22 - 00021332 _____ () C:\Windows\PFRO.log
2014-08-29 21:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-29 20:27 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-29 20:02 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp

Some content of TEMP:
====================
C:\Users\Sylvia\AppData\Local\Temp\0302121402000090mcinst.exe
C:\Users\Sylvia\AppData\Local\Temp\applinstall.exe
C:\Users\Sylvia\AppData\Local\Temp\dlLogic.exe
C:\Users\Sylvia\AppData\Local\Temp\drvinstal.exe
C:\Users\Sylvia\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Sylvia\AppData\Local\Temp\speedupmypc.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 19:54

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2014 01
Ran by Sylvia at 2014-08-29 23:30:55
Running from C:\Users\Sylvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETCL89X8
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
awesomehp uninstaller (HKLM-x32\...\awesomehp uninstaller) (Version:  - awesomehp) <==== ATTENTION
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2529 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6201.52 - CyberLink Corp.) Hidden
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
flash-Enhancer (HKLM-x32\...\flash-Enhancer) (Version: 2.1 - flash-Enhancer.com) <==== ATTENTION
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (HKLM\...\Intel(R) PROSet/Wireless NFC-Software) (Version: 1.0.1.003 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (Version: 1.0.1.003 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Lightspark 0.5.3-git (HKLM-x32\...\Lightspark) (Version: 0.5.3-git - Lightspark Team)
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
NVIDIA Grafiktreiber 311.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.46 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.46 (Version: 311.46 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Rich Media View (HKLM-x32\...\RichMediaViewV1release179) (Version: 1.1 - Rich Media View) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Show-Password (HKLM-x32\...\88a50b2f-0f08-412a-b423-7f54fa4283c1) (Version:  - Show-Password LTD) <==== ATTENTION
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.2.0 - Uniblue Systems Limited) <==== ATTENTION
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.2.0.15030 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
ValueApps (HKCU\...\ValueApps) (Version: 1.4.0.3 - Conduit) <==== ATTENTION
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
video-high (HKLM-x32\...\video-high) (Version: 1.34.3.6 - videohq)
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1985586172-433853276-367623084-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1985586172-433853276-367623084-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Restore Points  =========================

18-06-2014 01:00:17 Windows Update
29-08-2014 17:56:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {091BB34C-DC34-445A-B7C8-135565542F6D} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {0A3F03D6-E20D-4E8E-9304-FCC47DE05230} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {113C2838-EF90-49FD-A8D5-83CD78D12E92} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {1568CFE9-836B-4B5B-843D-653C5ED22732} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {163184AF-372A-4845-B63B-ABB3CD020B9A} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BCF4B3B-CAA8-4E1E-B3AF-B547AF9A5A83} - System32\Tasks\video-high-chromeinstaller => C:\Program Files (x86)\video-high\video-high-chromeinstaller.exe [2014-03-10] (videohq)
Task: {1D9154BB-CD0B-4B94-A122-D3654971CE3F} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {28A2E25B-0A87-41D7-833F-8C0FFDC40993} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {2F127919-D43A-4550-BF2C-9D549227FB53} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {3CDE8207-DD86-4C04-9858-AD782A7B1623} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {3DA85867-A8B9-46A3-A23D-61598CF8624E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {3FA5A6E4-2C70-426F-9019-C85CD5E44E27} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {474D24C9-DAE9-408E-B556-2A7E5BC3D914} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-01-15] (Systweak) <==== ATTENTION
Task: {56616DAC-66E7-491E-A6E2-640E6169E6B9} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {57E8EF05-AB4E-406C-8453-8F03AC32D26A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {5DBF1E1C-F88D-4E0F-A3A6-4939A930EC9B} - System32\Tasks\AmiUpdXp => C:\Users\Sylvia\AppData\Local\25950\a19506.exe [2014-03-10] ()
Task: {62B558AE-31CA-4E69-9D7B-6C16FAE38301} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {7896DD82-C234-4B9B-8BDD-04E20F322F4A} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {89F5367B-39FD-4C4D-AD85-982EEA671371} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {8E1DFA55-AE57-4163-8A11-B54DAED2A0D5} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {915EDEE6-9A7C-4CD3-A2EA-52F8B09E0734} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {92EBAE42-62CF-433B-98F8-BF060FA17EA6} - System32\Tasks\Show-Password_wd => C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe [2014-03-10] () <==== ATTENTION
Task: {93E194B7-2243-4EB4-917A-BC6587846A74} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-02-19] (Uniblue Systems Limited)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B58995D8-F380-449E-B3F4-6E5B619B8BE0} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {C4E5B5E9-C7FF-4C01-8EFB-FCBAC50D3BBA} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-02-19] (Uniblue Systems Limited)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C733D9D8-28DA-4FA1-920D-21BC932D2142} - System32\Tasks\Show-Password Update => C:\Program Files (x86)\Show-Password-soft\Show_.exe [2014-03-10] () <==== ATTENTION
Task: {CE26C8C9-6BF8-4F5A-9F99-2E8D5F814476} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {DD46A341-17FB-42EE-9C0C-033EC17EBE5C} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {E30358DF-0F70-4568-AB72-2FD9D2BE21E1} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {E7F61F3A-D510-46EF-A155-8A7077522695} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EF3AE9DD-970D-41A2-8623-ED87C51A136A} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Ultimate Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {F0D2C84B-1FD1-4CE0-ABD3-91C3CBBD4D6C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {FDD5E854-17E7-4B88-9BDF-4B4EC6CE9F0C} - System32\Tasks\video-high-firefoxinstaller => C:\Program Files (x86)\video-high\video-high-firefoxinstaller.exe [2014-03-10] (videohq)
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Sylvia\AppData\Local\25950\a19506.exe <==== ATTENTION
Task: C:\Windows\Tasks\Show-Password Update.job => C:\Program Files (x86)\Show-Password-soft\Show_.exe <==== ATTENTION
Task: C:\Windows\Tasks\Show-Password_wd.job => C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\video-high-chromeinstaller.job => C:\Program Files (x86)\video-high\video-high-chromeinstaller.exe
Task: C:\Windows\Tasks\video-high-firefoxinstaller.job => C:\Program Files (x86)\video-high\video-high-firefoxinstaller.exe

==================== Loaded Modules (whitelisted) =============

2012-12-14 15:27 - 2012-12-14 15:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-06-16 08:58 - 2014-06-16 08:58 - 00180224 _____ () C:\Windows\SysWOW64\nethtsrv.exe
2014-06-16 08:59 - 2014-06-16 08:59 - 00159744 _____ () C:\Windows\SysWOW64\netupdsrv.exe
2014-03-10 00:02 - 2014-02-25 17:28 - 00425792 ____R () C:\Program Files (x86)\Iminent\WinkHandler.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2014-03-10 00:07 - 2014-03-10 00:07 - 00093184 _____ () C:\Program Files (x86)\Show-Password-soft\Show-Password_wd.exe
2013-03-14 21:21 - 2013-03-14 05:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-10 00:20 - 2014-03-18 22:05 - 00764096 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-03-10 00:07 - 2014-03-10 00:07 - 00194560 _____ () C:\Program Files (x86)\Show-Password-soft\Show-Password157.exe
2014-01-16 12:30 - 2013-01-23 11:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-10 00:04 - 2012-07-25 13:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-03-10 00:04 - 2014-01-15 19:53 - 01731312 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-03-10 00:04 - 2012-07-25 13:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2014-03-10 00:20 - 2014-03-18 22:05 - 00065728 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-03-10 00:20 - 2014-03-18 22:05 - 00474816 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2014-05-13 12:25 - 2014-05-13 12:25 - 00087552 _____ () C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release179\ie\RichMediaViewV1release179.dll
2014-01-12 13:48 - 2014-01-12 13:48 - 00177664 _____ () C:\Program Files (x86)\AmiExt\flashEnhancer\ie\flashEnhancer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/29/2014 09:34:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ValueApps.exe, Version: 1.4.0.3, Zeitstempel: 0x52e60ecb
Name des fehlerhaften Moduls: ValueApps.exe, Version: 1.4.0.3, Zeitstempel: 0x52e60ecb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000038485
ID des fehlerhaften Prozesses: 0x510c
Startzeit der fehlerhaften Anwendung: 0xValueApps.exe0
Pfad der fehlerhaften Anwendung: ValueApps.exe1
Pfad des fehlerhaften Moduls: ValueApps.exe2
Berichtskennung: ValueApps.exe3
Vollständiger Name des fehlerhaften Pakets: ValueApps.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ValueApps.exe5

Error: (08/29/2014 07:57:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Synaptics TouchPad Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/29/2014 07:44:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 10.0.9200.16537 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9dc

Startzeit: 01cf810065b15b01

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: 0c819227-2fa4-11e4-be7f-342387922ad6

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/29/2014 07:43:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ARWENABENDSTERN)
Description: Das Paket „DefaultBrowser_NOPUBLISHERID“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (06/21/2014 06:44:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/18/2014 03:00:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Synaptics TouchPad Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (06/18/2014 02:59:42 AM) (Source: SampleCollector) (EventID: 259) (User: )
Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/16/2014 06:49:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a90d6
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000daa3c
ID des fehlerhaften Prozesses: 0x1f44
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5

Error: (06/16/2014 06:37:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/13/2014 02:59:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (08/29/2014 09:45:06 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/29/2014 09:44:36 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/29/2014 09:39:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update melondrea" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/29/2014 09:39:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243

Error: (08/29/2014 09:39:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/29/2014 09:21:50 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/29/2014 09:21:20 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/29/2014 07:47:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/29/2014 07:46:57 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (06/17/2014 11:33:38 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}


Microsoft Office Sessions:
=========================
Error: (08/29/2014 09:34:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ValueApps.exe1.4.0.352e60ecbValueApps.exe1.4.0.352e60ecbc00000050000000000038485510c01cfc3b2af7b91faC:\Users\Sylvia\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exeC:\Users\Sylvia\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe6dc2fd62-2fb3-11e4-be7f-342387922ad6

Error: (08/29/2014 07:57:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Synaptics TouchPad Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/29/2014 07:44:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe10.0.9200.165379dc01cf810065b15b014294967295C:\Program Files\Internet Explorer\iexplore.exe0c819227-2fa4-11e4-be7f-342387922ad6

Error: (08/29/2014 07:43:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ARWENABENDSTERN)
Description: DefaultBrowser_NOPUBLISHERID

Error: (06/21/2014 06:44:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/18/2014 03:00:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Synaptics TouchPad Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (06/18/2014 02:59:42 AM) (Source: SampleCollector) (EventID: 259) (User: )
Description: init_sstates_file:CreateFile:Prev_SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/16/2014 06:49:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.2.9200.16420505a90d6ntdll.dll6.2.9200.16578515fac6ec0000374000daa3c1f4401cf810260325a0eC:\Windows\syswow64\wwahost.exeC:\Windows\SYSTEM32\ntdll.dll1e610dc8-f576-11e3-be7f-342387922ad6Microsoft.SkypeApp_1.9.0.2016_x86__kzf8qxf38zg5cApp

Error: (06/16/2014 06:37:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (06/13/2014 02:59:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz
Percentage of memory in use: 57%
Total physical RAM: 3974.8 MB
Available physical RAM: 1696.08 MB
Total Pagefile: 4998.8 MB
Available Pagefile: 2441.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.39 GB) (Free:383.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 30AAEC30)

Partition: GPT Partition Type.

==================== End Of Log ============================

Hab es dann doch geschafft

deeprybka · 30.08.2014, 10:18

Hallo,
bitte die Anweisungen genau lesen. Link: So ladet Ihr unsere Tools richtig
Am besten lädst Du Dir FRST für die späteren Schritte nochmal "richtig" runter.

Code:

ATTFilter

C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
Running from C:\Users\Sylvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETCL89X8

Schritt 1

Bitte deinstalliere folgende Programme:

Advanced System Protector
awesomehp uninstaller
flash-Enhancer
Iminent
Mobogenie
SpeedUpMyPC
Network System Driver
Rich Media View
Show-Password
Software Version Updater
SupTab
ValueApps
WPM17.8.0.3442

Versuche es bei Windows 8

mit der Windowstaste + X über

.

Sollte das nicht gehen, lade Dir bitte Revo Uninstaller

hier herunter. Entpacke die zip-Datei auf den Desktop.

Starte die Revouninstaller.exe
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
Klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Malwarebytes Antimalware

Download-Link
Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 4

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Amistade · 30.08.2014, 23:52

Code:

ATTFilter

# AdwCleaner v3.308 - Bericht erstellt am 30/08/2014 um 23:42:26
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Sylvia - ARWENABENDSTERN
# Gestartet von : C:\Users\Sylvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K323Q880\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SProtection
Dienst Gelöscht : WinkHandler
Dienst Gelöscht : {c047df5e-0fda-4055-b5db-a96a8a34a094}Gw64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\PriceMeterLiveUpdate
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelöscht : C:\Program Files (x86)\AmiExt
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\IminentToolbar
Ordner Gelöscht : C:\Program Files (x86)\Lightspark 0.5.3-git
Ordner Gelöscht : C:\Program Files (x86)\melondrea
Ordner Gelöscht : C:\Program Files (x86)\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Program Files (x86)\RichMediaViewV1
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\Surftastic
Ordner Gelöscht : C:\Program Files (x86)\System Speedup
Ordner Gelöscht : C:\Program Files (x86)\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\video-high
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Users\Sylvia\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Sylvia\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Sylvia\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Sylvia\AppData\Local\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Users\Sylvia\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Sylvia\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Sylvia\AppData\Roaming\PriceMeterUpdater
Ordner Gelöscht : C:\Users\Sylvia\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Sylvia\AppData\Roaming\System Speedup
Ordner Gelöscht : C:\Users\Sylvia\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Sylvia\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Sylvia\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp
Ordner Gelöscht : C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\egihcegngbfhhhnfjfamognnonckdklg
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\SysWOW64\installd.exe
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\sasnative64.exe
Datei Gelöscht : C:\Windows\System32\drivers\{c047df5e-0fda-4055-b5db-a96a8a34a094}Gw64.sys
Datei Gelöscht : C:\Users\Sylvia\daemonprocess.txt
Datei Gelöscht : C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Tasks ] *****

Task Gelöscht : Advanced System Protector
Task Gelöscht : Advanced System Protector_startup
Task Gelöscht : AmiUpdXp
Task Gelöscht : SpeedUpMyPC Maintenance
Task Gelöscht : SpeedUpMyPC Startup
Task Gelöscht : System Speedup_DEFAULT
Task Gelöscht : System Speedup_UPDATES
Task Gelöscht : video-high-chromeinstaller
Task Gelöscht : video-high-firefoxinstaller

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Sylvia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Sylvia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@flashenhancer.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052922.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052922.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052922.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0052922.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291122}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292222}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295522}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296622}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544294422}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291122}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511291122}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511291122}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7C78C08-3CC7-416F-B827-7C1785ABBDA8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291122}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292222}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295522}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296622}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291122}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\AmiExt
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\System Speedup
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\video-high
Schlüssel Gelöscht : HKLM\SOFTWARE\AmiExt
Schlüssel Gelöscht : HKLM\SOFTWARE\awesomehpSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\Flash-Enhancer
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Lightspark Team
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM
Schlüssel Gelöscht : HKLM\SOFTWARE\System Speedup
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Umbrella
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\video-high
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lightspark
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Speedup_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\video-high
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16921

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v

[ Datei : C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [16087 octets] - [30/08/2014 23:41:09]
AdwCleaner[S0].txt - [13384 octets] - [30/08/2014 23:42:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13445 octets] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 31.08.2014
Suchlauf-Zeit: 00:25:46
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.30.08
Rootkit Datenbank: v2014.08.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Sylvia

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 330978
Verstrichene Zeit: 12 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 13
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9BB812EA-6A11-4F94-AE32-DB3FD45EC496}, In Quarantäne, [f1a8b2174635b87e9b242c874fb3da26], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{66B51873-B53D-42EC-BC1A-862EB4DB041D}, In Quarantäne, [f1a8b2174635b87e9b242c874fb3da26], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}, In Quarantäne, [f1a8b2174635b87e9b242c874fb3da26], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}, In Quarantäne, [f1a8b2174635b87e9b242c874fb3da26], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{66B51873-B53D-42EC-BC1A-862EB4DB041D}, In Quarantäne, [f1a8b2174635b87e9b242c874fb3da26], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{BDB0F124-48E8-43A5-A263-45A7093CF058}, In Quarantäne, [c1d87752c4b765d1249df9ba7f835ca4], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}, In Quarantäne, [c1d87752c4b765d1249df9ba7f835ca4], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}, In Quarantäne, [c1d87752c4b765d1249df9ba7f835ca4], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{BDB0F124-48E8-43A5-A263-45A7093CF058}, In Quarantäne, [c1d87752c4b765d1249df9ba7f835ca4], 
PUP.Optional.FlashEnhance.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\cgbealecnakbhfoeeipcnoboempfkbjd, In Quarantäne, [9bfe05c4e09b36006f77997af70c27d9], 
PUP.Optional.VideoHigh.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video-high, In Quarantäne, [3c5d5673a7d47abc1a8f42cfb94a2ed2], 
PUP.Optional.Ciuvo.A, HKU\S-1-5-21-1985586172-433853276-367623084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\ciuvo.com, In Quarantäne, [2f6a9e2b423903339ec718e1be4413ed], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-1985586172-433853276-367623084-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, In Quarantäne, [c7d24e7bd0abe353eddb798f4db6c040], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 2
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, In Quarantäne, [7f1a5c6d087379bd717d18dda65c09f7], 
PUP.Optional.Conduit.A, C:\Users\Sylvia\AppData\Local\Temp\mam-ct3316263, In Quarantäne, [bbde28a1e19aac8ad523e8e159a99a66], 

Dateien: 8
PUP.Optional.OutBrowse, C:\Users\Sylvia\AppData\Local\Temp\OK4vAXbk.exe.part, In Quarantäne, [e1b84386493277bf2421314e9170cf31], 
PUP.Optional.RichMediaView.A, C:\Users\Sylvia\AppData\Local\Temp\applinstall.exe, In Quarantäne, [eeab6d5cfa81f73fbfb26ca726df10f0], 
PUP.Optional.ScramblePacker.A, C:\Users\Sylvia\AppData\Local\Temp\n4517\hqvideopro_0703_DE-281a115e.exe, In Quarantäne, [c4d532975526999d4217b3d6c1404eb2], 
PUP.Optional.Melondrea.A, C:\Users\Sylvia\AppData\Local\Temp\n4517\melondrea_0702-81cfb2ef.exe, In Quarantäne, [bbdeb712710a70c6ff41812ef113e31d], 
PUP.Optional.Babylon, C:\Users\Sylvia\AppData\Local\Temp\n4517\systempspeedup_3001-1ea278a0.exe, In Quarantäne, [376200c90972c373c2b28b2531d0a858], 
PUP.Optional.AirAdInstaller, C:\Users\Sylvia\Downloads\SoftwareUpdate.exe, In Quarantäne, [d2c70bbe4e2da492fd3ea298679902fe], 
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, In Quarantäne, [7f1a5c6d087379bd717d18dda65c09f7], 
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, In Quarantäne, [7f1a5c6d087379bd717d18dda65c09f7], 

Physische Sektoren: 0
(No malicious items detected)


(end)

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014
Ran by Sylvia (administrator) on ARWENABENDSTERN on 31-08-2014 00:46:27
Running from C:\Users\Sylvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3POE29Z
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
(Microsoft Corporation) C:\Windows\System32\CheckNetIsolation.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-07] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-03] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {149B9D03-DDD0-4340-80E9-0F77A48705E5} URL = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30&ref=toolbox&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Extension: Widget context - C:\Users\Sylvia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-04-18]

Chrome: 
=======
CHR Profile: C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-04-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639584 2013-02-05] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U0 ehjp; C:\Windows\System32\drivers\rxfo.sys [79064 2014-08-31] (Malwarebytes Corporation)
U0 lfmo; C:\Windows\System32\drivers\rdiot.sys [79064 2014-08-31] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [122584 2014-08-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 00:39 - 2014-08-31 00:39 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rdiot.sys
2014-08-31 00:39 - 2014-08-31 00:39 - 00003142 _____ () C:\Windows\SysWOW64\jnlhj
2014-08-31 00:18 - 2014-08-31 00:18 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rxfo.sys
2014-08-31 00:01 - 2014-08-31 00:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-31 00:01 - 2014-08-31 00:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-31 00:01 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-31 00:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-30 23:48 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-30 23:48 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-30 23:44 - 2014-08-30 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-30 23:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-30 23:40 - 2014-08-30 23:43 - 00000000 ____D () C:\AdwCleaner
2014-08-30 23:12 - 2014-08-30 23:12 - 00000000 ____D () C:\Users\Sylvia\Desktop\revouninstaller-portable
2014-08-30 23:09 - 2014-08-30 23:11 - 03007700 _____ () C:\Users\Sylvia\Desktop\revouninstaller.zip
2014-08-30 23:07 - 2014-08-30 23:18 - 00000000 ____D () C:\Users\Sylvia\AppData\Roaming\Infigo
2014-08-30 23:07 - 2014-08-30 23:08 - 00000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-08-30 12:12 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-30 12:09 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-30 12:09 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-30 11:22 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-30 11:22 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-30 11:22 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-30 11:21 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-30 11:21 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-30 11:21 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-30 11:21 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-30 11:21 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-30 11:21 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-30 11:21 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-30 11:20 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-30 11:20 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-30 11:20 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-08-30 11:20 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-08-30 11:20 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-30 11:20 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-08-30 11:19 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-08-30 11:13 - 2014-08-07 08:33 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-30 11:13 - 2014-08-07 05:09 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-30 11:13 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-08-30 11:13 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-08-30 11:13 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-30 11:13 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-30 11:13 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-30 11:13 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-30 11:13 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-30 11:13 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-30 11:13 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-08-30 11:13 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-30 11:13 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-08-30 11:13 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-30 11:12 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-30 11:12 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-30 11:12 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-30 11:12 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-30 11:12 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-30 11:12 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-30 11:12 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-30 11:12 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-30 11:12 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-30 11:12 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-30 11:12 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-30 11:12 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-30 11:12 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-30 11:12 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-30 11:12 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-30 11:12 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-30 11:12 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-30 11:11 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-30 11:11 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-30 11:10 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-08-30 11:10 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:35 - 2014-08-31 00:46 - 00000000 ____D () C:\FRST
2014-08-29 19:58 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-29 19:58 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-29 19:57 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 00:46 - 2014-08-29 21:35 - 00000000 ____D () C:\FRST
2014-08-31 00:39 - 2014-08-31 00:39 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rdiot.sys
2014-08-31 00:39 - 2014-08-31 00:39 - 00003142 _____ () C:\Windows\SysWOW64\jnlhj
2014-08-31 00:25 - 2014-08-31 00:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-31 00:18 - 2014-08-31 00:18 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rxfo.sys
2014-08-31 00:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Resources
2014-08-31 00:01 - 2014-08-31 00:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-31 00:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-30 23:54 - 2014-02-21 17:55 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1985586172-433853276-367623084-1002
2014-08-30 23:52 - 2014-01-16 11:36 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-08-30 23:52 - 2014-01-16 11:36 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-08-30 23:52 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-30 23:48 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-30 23:47 - 2012-08-03 04:22 - 00029670 _____ () C:\Windows\PFRO.log
2014-08-30 23:47 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-30 23:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-30 23:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-30 23:45 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-30 23:44 - 2014-08-30 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-30 23:44 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-30 23:44 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-08-30 23:43 - 2014-08-30 23:40 - 00000000 ____D () C:\AdwCleaner
2014-08-30 23:43 - 2014-02-21 17:46 - 00000997 _____ () C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-30 23:43 - 2014-02-21 17:43 - 00000000 ____D () C:\Users\Sylvia
2014-08-30 23:43 - 2014-01-16 11:47 - 01897870 _____ () C:\Windows\WindowsUpdate.log
2014-08-30 23:24 - 2014-03-10 00:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-30 23:18 - 2014-08-30 23:07 - 00000000 ____D () C:\Users\Sylvia\AppData\Roaming\Infigo
2014-08-30 23:12 - 2014-08-30 23:12 - 00000000 ____D () C:\Users\Sylvia\Desktop\revouninstaller-portable
2014-08-30 23:11 - 2014-08-30 23:09 - 03007700 _____ () C:\Users\Sylvia\Desktop\revouninstaller.zip
2014-08-30 23:08 - 2014-08-30 23:07 - 00000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-08-30 22:35 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-30 22:31 - 2014-03-05 22:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-30 11:14 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-08-29 22:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:46 - 2014-03-10 00:02 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-29 20:27 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-23 08:47 - 2014-08-30 11:12 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-07 08:33 - 2014-08-30 11:13 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 05:09 - 2014-08-30 11:13 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-02 02:15 - 2014-08-30 23:48 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:15 - 2014-08-30 23:48 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Sylvia\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Sylvia\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 19:54

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2014
Ran by Sylvia at 2014-08-31 00:47:23
Running from C:\Users\Sylvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3POE29Z
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2529 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6201.52 - CyberLink Corp.) Hidden
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (HKLM\...\Intel(R) PROSet/Wireless NFC-Software) (Version: 1.0.1.003 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (Version: 1.0.1.003 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA Grafiktreiber 311.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.46 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.46 (Version: 311.46 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.2.0.15030 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1985586172-433853276-367623084-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1985586172-433853276-367623084-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Restore Points  =========================

18-06-2014 01:00:17 Windows Update
29-08-2014 17:56:50 Windows Update
30-08-2014 21:13:37 Revo Uninstaller's restore point - Advanced System Protector

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {091BB34C-DC34-445A-B7C8-135565542F6D} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {0A3F03D6-E20D-4E8E-9304-FCC47DE05230} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {0EF935A8-0B63-428E-9B66-A5C62DB1A48E} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Ultimate Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {113C2838-EF90-49FD-A8D5-83CD78D12E92} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {1568CFE9-836B-4B5B-843D-653C5ED22732} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1D9154BB-CD0B-4B94-A122-D3654971CE3F} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {28A2E25B-0A87-41D7-833F-8C0FFDC40993} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {2F127919-D43A-4550-BF2C-9D549227FB53} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {3CDE8207-DD86-4C04-9858-AD782A7B1623} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {3DA85867-A8B9-46A3-A23D-61598CF8624E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {57E8EF05-AB4E-406C-8453-8F03AC32D26A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {62B558AE-31CA-4E69-9D7B-6C16FAE38301} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {7896DD82-C234-4B9B-8BDD-04E20F322F4A} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {89F5367B-39FD-4C4D-AD85-982EEA671371} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {8E1DFA55-AE57-4163-8A11-B54DAED2A0D5} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {915EDEE6-9A7C-4CD3-A2EA-52F8B09E0734} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B58995D8-F380-449E-B3F4-6E5B619B8BE0} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CE26C8C9-6BF8-4F5A-9F99-2E8D5F814476} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {DD46A341-17FB-42EE-9C0C-033EC17EBE5C} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {E20DD4E9-05EB-427C-B646-7FA9F1A02376} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-31] (Microsoft Corporation)
Task: {E30358DF-0F70-4568-AB72-2FD9D2BE21E1} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {E7F61F3A-D510-46EF-A155-8A7077522695} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F0D2C84B-1FD1-4CE0-ABD3-91C3CBBD4D6C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)

==================== Loaded Modules (whitelisted) =============

2012-12-14 15:27 - 2012-12-14 15:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-03-14 21:21 - 2013-03-14 05:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-01-16 12:30 - 2013-01-23 11:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2014 00:24:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x774
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (08/30/2014 00:01:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ValueApps.exe, Version: 1.4.0.3, Zeitstempel: 0x52e60ecb
Name des fehlerhaften Moduls: ValueApps.exe, Version: 1.4.0.3, Zeitstempel: 0x52e60ecb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003848b
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xValueApps.exe0
Pfad der fehlerhaften Anwendung: ValueApps.exe1
Pfad des fehlerhaften Moduls: ValueApps.exe2
Berichtskennung: ValueApps.exe3
Vollständiger Name des fehlerhaften Pakets: ValueApps.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ValueApps.exe5

Error: (08/30/2014 10:48:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Umbrella.exe, Version: 4.21.0.1, Zeitstempel: 0x5385aa79
Name des fehlerhaften Moduls: Umbrella.exe, Version: 4.21.0.1, Zeitstempel: 0x5385aa79
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0009c7ed
ID des fehlerhaften Prozesses: 0x2278
Startzeit der fehlerhaften Anwendung: 0xUmbrella.exe0
Pfad der fehlerhaften Anwendung: Umbrella.exe1
Pfad des fehlerhaften Moduls: Umbrella.exe2
Berichtskennung: Umbrella.exe3
Vollständiger Name des fehlerhaften Pakets: Umbrella.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Umbrella.exe5

Error: (08/29/2014 11:43:17 PM) (Source: Intel(R) PROSet/Wireless NFC Software) (EventID: 260) (User: )
Description: HECI-MEI communication failure.

Error: (08/29/2014 11:42:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x235c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:37:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x2068
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:36:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x2278
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:36:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x2924
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x1870
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5


System errors:
=============
Error: (08/30/2014 11:51:35 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/30/2014 11:51:05 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/30/2014 11:48:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update melondrea" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/30/2014 11:48:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243

Error: (08/30/2014 11:48:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/30/2014 11:37:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/30/2014 11:37:17 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/30/2014 10:24:34 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/30/2014 10:24:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/30/2014 10:50:28 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}


Microsoft Office Sessions:
=========================
Error: (08/31/2014 00:24:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd77401cfc49e00c18899C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll66a223a8-3094-11e4-be81-342387922ad6

Error: (08/30/2014 00:01:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ValueApps.exe1.4.0.352e60ecbValueApps.exe1.4.0.352e60ecbc0000005000000000003848be8001cfc3ca14759f3dC:\Users\Sylvia\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exeC:\Users\Sylvia\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe920694b7-302c-11e4-be80-342387922ad6

Error: (08/30/2014 10:48:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Umbrella.exe4.21.0.15385aa79Umbrella.exe4.21.0.15385aa79c00000fd0009c7ed227801cfc3d2369df00dC:\Program Files (x86)\Common Files\Umbrella\Umbrella.exeC:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe697b1153-3022-11e4-be80-342387922ad6

Error: (08/29/2014 11:43:17 PM) (Source: Intel(R) PROSet/Wireless NFC Software) (EventID: 260) (User: )
Description: 

Error: (08/29/2014 11:42:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22235c01cfc3d19330fe01C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dll560a77f6-2fc5-11e4-be80-342387922ad6

Error: (08/29/2014 11:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22dc001cfc3d17309b75cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dllc9c9772f-2fc4-11e4-be80-342387922ad6

Error: (08/29/2014 11:37:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22206801cfc3d16068a36cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dllad35c369-2fc4-11e4-be80-342387922ad6

Error: (08/29/2014 11:36:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22227801cfc3d1573531bcC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dll990da8b6-2fc4-11e4-be80-342387922ad6

Error: (08/29/2014 11:36:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22292401cfc3d14d077478C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dll9085e291-2fc4-11e4-be80-342387922ad6

Error: (08/29/2014 11:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22187001cfc3ca12ffd69cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dll8037392a-2fc4-11e4-be80-342387922ad6


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz
Percentage of memory in use: 39%
Total physical RAM: 3974.8 MB
Available physical RAM: 2402.43 MB
Total Pagefile: 4998.8 MB
Available Pagefile: 3283.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.39 GB) (Free:382.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 30AAEC30)

Partition: GPT Partition Type.

==================== End Of Log ============================

Moin Jürgen,
alles ab gearbeitet. Ich hoffe alles richtig gemacht

Gruß
Marco

deeprybka · 31.08.2014, 14:04

Hi, sieht schon besser aus. Sind aber noch nicht fertig.

Hast Du gelesen was ich weiter oben geschrieben habe bzw. den Link geklickt?
Wie lädst Du denn die Tools runter? Du solltest FRST wirklich auf den Desktop laden, sonst weiß ich nicht wie das mit dem Fix klappen soll...

Adwcleaner ist ja auch nicht auf dem Desktop:

Code:

ATTFilter

 Gestartet von : C:\Users\Sylvia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K323Q880\adwcleaner_3.308.exe

Amistade · 31.08.2014, 14:19

Hallo Jürgen,
Ich hab das auf dem Desktop

Ich lösche das nochmal und probier mein Glück

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014
Ran by Sylvia (administrator) on ARWENABENDSTERN on 31-08-2014 15:17:18
Running from C:\Users\Sylvia\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
(Microsoft Corporation) C:\Windows\System32\CheckNetIsolation.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-07] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-03] (NVIDIA Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {149B9D03-DDD0-4340-80E9-0F77A48705E5} URL = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30&ref=toolbox&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF Extension: Widget context - C:\Users\Sylvia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-04-18]

Chrome: 
=======
CHR Profile: C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-04-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639584 2013-02-05] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U0 ehjp; C:\Windows\System32\drivers\rxfo.sys [79064 2014-08-31] (Malwarebytes Corporation)
U0 lfmo; C:\Windows\System32\drivers\rdiot.sys [79064 2014-08-31] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 15:17 - 2014-08-31 15:17 - 00014137 _____ () C:\Users\Sylvia\Desktop\FRST.txt
2014-08-31 15:16 - 2014-08-31 15:16 - 02104320 _____ (Farbar) C:\Users\Sylvia\Desktop\FRST64.exe
2014-08-31 00:39 - 2014-08-31 00:39 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rdiot.sys
2014-08-31 00:39 - 2014-08-31 00:39 - 00003142 _____ () C:\Windows\SysWOW64\jnlhj
2014-08-31 00:18 - 2014-08-31 00:18 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rxfo.sys
2014-08-31 00:01 - 2014-08-31 13:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-31 00:01 - 2014-08-31 00:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-31 00:01 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-31 00:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-30 23:48 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-30 23:48 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-30 23:44 - 2014-08-30 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-30 23:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-30 23:40 - 2014-08-30 23:43 - 00000000 ____D () C:\AdwCleaner
2014-08-30 23:12 - 2014-08-30 23:12 - 00000000 ____D () C:\Users\Sylvia\Desktop\revouninstaller-portable
2014-08-30 23:09 - 2014-08-30 23:11 - 03007700 _____ () C:\Users\Sylvia\Desktop\revouninstaller.zip
2014-08-30 23:07 - 2014-08-30 23:18 - 00000000 ____D () C:\Users\Sylvia\AppData\Roaming\Infigo
2014-08-30 23:07 - 2014-08-30 23:08 - 00000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-08-30 12:12 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-30 12:09 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-30 12:09 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-30 11:22 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-30 11:22 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-30 11:22 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-30 11:21 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-30 11:21 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-30 11:21 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-30 11:21 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-30 11:21 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-30 11:21 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-30 11:21 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-30 11:20 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-30 11:20 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-30 11:20 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-08-30 11:20 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-08-30 11:20 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-30 11:20 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-08-30 11:19 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-08-30 11:13 - 2014-08-07 08:33 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-30 11:13 - 2014-08-07 05:09 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-30 11:13 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-08-30 11:13 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-08-30 11:13 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-30 11:13 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-30 11:13 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-30 11:13 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-30 11:13 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-30 11:13 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-30 11:13 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-08-30 11:13 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-30 11:13 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-08-30 11:13 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-30 11:12 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-30 11:12 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-30 11:12 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-30 11:12 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-30 11:12 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-30 11:12 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-30 11:12 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-30 11:12 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-30 11:12 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-30 11:12 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-30 11:12 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-30 11:12 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-30 11:12 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-30 11:12 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-30 11:12 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-30 11:12 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-30 11:12 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-30 11:11 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-30 11:11 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-30 11:10 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-08-30 11:10 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:35 - 2014-08-31 15:17 - 00000000 ____D () C:\FRST
2014-08-29 19:58 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-29 19:58 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-29 19:57 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 15:17 - 2014-08-31 15:17 - 00014137 _____ () C:\Users\Sylvia\Desktop\FRST.txt
2014-08-31 15:17 - 2014-08-29 21:35 - 00000000 ____D () C:\FRST
2014-08-31 15:16 - 2014-08-31 15:16 - 02104320 _____ (Farbar) C:\Users\Sylvia\Desktop\FRST64.exe
2014-08-31 15:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-31 13:11 - 2014-08-31 00:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-31 11:20 - 2014-01-16 11:47 - 01967051 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 00:53 - 2014-02-21 17:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1985586172-433853276-367623084-1002
2014-08-31 00:39 - 2014-08-31 00:39 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rdiot.sys
2014-08-31 00:39 - 2014-08-31 00:39 - 00003142 _____ () C:\Windows\SysWOW64\jnlhj
2014-08-31 00:18 - 2014-08-31 00:18 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rxfo.sys
2014-08-31 00:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Resources
2014-08-31 00:01 - 2014-08-31 00:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-30 23:52 - 2014-01-16 11:36 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-08-30 23:52 - 2014-01-16 11:36 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-08-30 23:52 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-30 23:48 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-30 23:47 - 2012-08-03 04:22 - 00029670 _____ () C:\Windows\PFRO.log
2014-08-30 23:47 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-30 23:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-30 23:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-30 23:45 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-30 23:44 - 2014-08-30 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-30 23:44 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-30 23:44 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-08-30 23:43 - 2014-08-30 23:40 - 00000000 ____D () C:\AdwCleaner
2014-08-30 23:43 - 2014-02-21 17:46 - 00000997 _____ () C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-30 23:43 - 2014-02-21 17:43 - 00000000 ____D () C:\Users\Sylvia
2014-08-30 23:24 - 2014-03-10 00:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-30 23:18 - 2014-08-30 23:07 - 00000000 ____D () C:\Users\Sylvia\AppData\Roaming\Infigo
2014-08-30 23:12 - 2014-08-30 23:12 - 00000000 ____D () C:\Users\Sylvia\Desktop\revouninstaller-portable
2014-08-30 23:11 - 2014-08-30 23:09 - 03007700 _____ () C:\Users\Sylvia\Desktop\revouninstaller.zip
2014-08-30 23:08 - 2014-08-30 23:07 - 00000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-08-30 22:35 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-30 22:31 - 2014-03-05 22:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-30 11:14 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-08-29 22:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:46 - 2014-03-10 00:02 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-29 20:27 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-23 08:47 - 2014-08-30 11:12 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-07 08:33 - 2014-08-30 11:13 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 05:09 - 2014-08-30 11:13 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-02 02:15 - 2014-08-30 23:48 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:15 - 2014-08-30 23:48 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Sylvia\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Sylvia\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 19:54

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014
Ran by Sylvia at 2014-08-31 15:18:00
Running from C:\Users\Sylvia\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2529 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6201.52 - CyberLink Corp.) Hidden
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (HKLM\...\Intel(R) PROSet/Wireless NFC-Software) (Version: 1.0.1.003 - Intel Corporation)
Intel(R) PROSet/Wireless NFC-Software (Version: 1.0.1.003 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA Grafiktreiber 311.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.46 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.46 (Version: 311.46 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.2.0.15030 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1985586172-433853276-367623084-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1985586172-433853276-367623084-1002_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Restore Points  =========================

18-06-2014 01:00:17 Windows Update
29-08-2014 17:56:50 Windows Update
30-08-2014 21:13:37 Revo Uninstaller's restore point - Advanced System Protector

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {091BB34C-DC34-445A-B7C8-135565542F6D} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {0A3F03D6-E20D-4E8E-9304-FCC47DE05230} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {0EF935A8-0B63-428E-9B66-A5C62DB1A48E} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Ultimate Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {113C2838-EF90-49FD-A8D5-83CD78D12E92} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {1568CFE9-836B-4B5B-843D-653C5ED22732} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1D9154BB-CD0B-4B94-A122-D3654971CE3F} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {28A2E25B-0A87-41D7-833F-8C0FFDC40993} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {2F127919-D43A-4550-BF2C-9D549227FB53} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {3697293B-7957-495B-89E7-11E71126A160} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-31] (Microsoft Corporation)
Task: {3CDE8207-DD86-4C04-9858-AD782A7B1623} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {3DA85867-A8B9-46A3-A23D-61598CF8624E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {57E8EF05-AB4E-406C-8453-8F03AC32D26A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {62B558AE-31CA-4E69-9D7B-6C16FAE38301} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {7896DD82-C234-4B9B-8BDD-04E20F322F4A} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {89F5367B-39FD-4C4D-AD85-982EEA671371} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {8E1DFA55-AE57-4163-8A11-B54DAED2A0D5} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {915EDEE6-9A7C-4CD3-A2EA-52F8B09E0734} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B58995D8-F380-449E-B3F4-6E5B619B8BE0} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CE26C8C9-6BF8-4F5A-9F99-2E8D5F814476} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {DD46A341-17FB-42EE-9C0C-033EC17EBE5C} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {E30358DF-0F70-4568-AB72-2FD9D2BE21E1} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {E7F61F3A-D510-46EF-A155-8A7077522695} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F0D2C84B-1FD1-4CE0-ABD3-91C3CBBD4D6C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)

==================== Loaded Modules (whitelisted) =============

2012-12-14 15:27 - 2012-12-14 15:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-03-05 22:18 - 2014-03-05 22:25 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-03-14 21:21 - 2013-03-14 05:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-01-16 12:30 - 2013-01-23 11:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2014 11:09:57 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/31/2014 00:53:20 AM) (Source: Intel(R) PROSet/Wireless NFC Software) (EventID: 260) (User: )
Description: HECI-MEI communication failure.

Error: (08/31/2014 00:24:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x774
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (08/30/2014 00:01:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ValueApps.exe, Version: 1.4.0.3, Zeitstempel: 0x52e60ecb
Name des fehlerhaften Moduls: ValueApps.exe, Version: 1.4.0.3, Zeitstempel: 0x52e60ecb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003848b
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xValueApps.exe0
Pfad der fehlerhaften Anwendung: ValueApps.exe1
Pfad des fehlerhaften Moduls: ValueApps.exe2
Berichtskennung: ValueApps.exe3
Vollständiger Name des fehlerhaften Pakets: ValueApps.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ValueApps.exe5

Error: (08/30/2014 10:48:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Umbrella.exe, Version: 4.21.0.1, Zeitstempel: 0x5385aa79
Name des fehlerhaften Moduls: Umbrella.exe, Version: 4.21.0.1, Zeitstempel: 0x5385aa79
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0009c7ed
ID des fehlerhaften Prozesses: 0x2278
Startzeit der fehlerhaften Anwendung: 0xUmbrella.exe0
Pfad der fehlerhaften Anwendung: Umbrella.exe1
Pfad des fehlerhaften Moduls: Umbrella.exe2
Berichtskennung: Umbrella.exe3
Vollständiger Name des fehlerhaften Pakets: Umbrella.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Umbrella.exe5

Error: (08/29/2014 11:43:17 PM) (Source: Intel(R) PROSet/Wireless NFC Software) (EventID: 260) (User: )
Description: HECI-MEI communication failure.

Error: (08/29/2014 11:42:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x235c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0xdc0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:37:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x2068
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/29/2014 11:36:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16921, Zeitstempel: 0x537fc9dc
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16864, Zeitstempel: 0x531d2be6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00010f22
ID des fehlerhaften Prozesses: 0x2278
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5


System errors:
=============
Error: (08/31/2014 03:07:43 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 03:07:13 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 03:05:43 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 01:25:28 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 01:23:58 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 01:12:24 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 11:12:07 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 11:11:37 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 09:31:38 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (08/31/2014 09:31:07 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}


Microsoft Office Sessions:
=========================
Error: (08/31/2014 11:09:57 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (08/31/2014 00:53:20 AM) (Source: Intel(R) PROSet/Wireless NFC Software) (EventID: 260) (User: )
Description: 

Error: (08/31/2014 00:24:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd77401cfc49e00c18899C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll66a223a8-3094-11e4-be81-342387922ad6

Error: (08/30/2014 00:01:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ValueApps.exe1.4.0.352e60ecbValueApps.exe1.4.0.352e60ecbc0000005000000000003848be8001cfc3ca14759f3dC:\Users\Sylvia\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exeC:\Users\Sylvia\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe920694b7-302c-11e4-be80-342387922ad6

Error: (08/30/2014 10:48:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Umbrella.exe4.21.0.15385aa79Umbrella.exe4.21.0.15385aa79c00000fd0009c7ed227801cfc3d2369df00dC:\Program Files (x86)\Common Files\Umbrella\Umbrella.exeC:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe697b1153-3022-11e4-be80-342387922ad6

Error: (08/29/2014 11:43:17 PM) (Source: Intel(R) PROSet/Wireless NFC Software) (EventID: 260) (User: )
Description: 

Error: (08/29/2014 11:42:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22235c01cfc3d19330fe01C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dll560a77f6-2fc5-11e4-be80-342387922ad6

Error: (08/29/2014 11:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22dc001cfc3d17309b75cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dllc9c9772f-2fc4-11e4-be80-342387922ad6

Error: (08/29/2014 11:37:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22206801cfc3d16068a36cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dllad35c369-2fc4-11e4-be80-342387922ad6

Error: (08/29/2014 11:36:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcKERNELBASE.dll6.2.9200.16864531d2be6e06d736300010f22227801cfc3d1573531bcC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\KERNELBASE.dll990da8b6-2fc4-11e4-be80-342387922ad6


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz
Percentage of memory in use: 36%
Total physical RAM: 3974.8 MB
Available physical RAM: 2538.26 MB
Total Pagefile: 4998.8 MB
Available Pagefile: 3133.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.39 GB) (Free:382.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 30AAEC30)

Partition: GPT Partition Type.

==================== End Of Log ============================

deeprybka · 31.08.2014, 14:31

Code:

ATTFilter

2014-08-31 15:16 - 2014-08-31 15:16 - 02104320 _____ (Farbar) C:\Users\Sylvia\Desktop\FRST64.exe

Prima!

Schritt 1

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKCU - {149B9D03-DDD0-4340-80E9-0F77A48705E5} URL = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30&ref=toolbox&q={searchTerms}
FF Extension: Widget context - C:\Users\Sylvia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-04-18]
CHR Extension: (No Name) - C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-04-13]
Task: {7896DD82-C234-4B9B-8BDD-04E20F322F4A} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
EmptyTemp:

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

Starte FRST und drücke auf den Fix-Button.
Das Tool erstellt eine "Fixlog.txt" -Datei.
Poste mir bitte deren Inhalt.

Der PC wird neugestartet. Bitte poste das Fixlog.

Schritt 2

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Amistade · 31.08.2014, 14:37

Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Die Codebox bleibt leer

deeprybka · 31.08.2014, 14:41

Zitat:

Zitat von Amistade

Die Codebox bleibt leer

??? Was meinst Du...

Amistade · 31.08.2014, 14:54

Ich soll doch die Win-Taste plus R drücken. dann öffnet sich dieses Ausführen Fenster. Notepad und dann auf OK aber dann bleibt der Editor leer

Ich weiß was Du meinst. Schäm

deeprybka · 31.08.2014, 14:58

Ok...

Amistade · 31.08.2014, 15:05

Auf Laufwerk C verweigert er mir das speichern

deeprybka · 31.08.2014, 15:06

Du sollst die Datei ja auch auf den Desktop speichern...

Amistade · 31.08.2014, 15:23

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-08-2014
Ran by Sylvia at 2014-08-31 16:12:11 Run:1
Running from C:\Users\Sylvia\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKCU - {149B9D03-DDD0-4340-80E9-0F77A48705E5} URL = hxxp://start.iminent.com/?appId=EFEA7F1A-55B1-474C-B4C3-7065F29D0F30&ref=toolbox&q={searchTerms}
FF Extension: Widget context - C:\Users\Sylvia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-04-18]
CHR Extension: (No Name) - C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-04-13]
Task: {7896DD82-C234-4B9B-8BDD-04E20F322F4A} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
EmptyTemp:
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{149B9D03-DDD0-4340-80E9-0F77A48705E5}" => Key deleted successfully.
"HKCR\CLSID\{149B9D03-DDD0-4340-80E9-0F77A48705E5}" => Key not found.
C:\Users\Sylvia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi => Moved successfully.
C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7896DD82-C234-4B9B-8BDD-04E20F322F4A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7896DD82-C234-4B9B-8BDD-04E20F322F4A}" => Key deleted successfully.
C:\Windows\System32\Tasks\System Speedup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Speedup" => Key deleted successfully.
EmptyTemp: => Removed 444.1 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014
Ran by Sylvia (administrator) on ARWENABENDSTERN on 31-08-2014 16:21:14
Running from C:\Users\Sylvia\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-05-07] (Realtek Semiconductor)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-03] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-03] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

Chrome: 
=======
CHR Profile: C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2013-01-23] (Broadcom Corporation.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639584 2013-02-05] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2013-01-23] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 16:21 - 2014-08-31 16:21 - 00012711 _____ () C:\Users\Sylvia\Desktop\FRST.txt
2014-08-31 16:15 - 2014-08-31 16:15 - 00302136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 15:16 - 2014-08-31 15:16 - 02104320 _____ (Farbar) C:\Users\Sylvia\Desktop\FRST64.exe
2014-08-31 00:01 - 2014-08-31 16:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-31 00:01 - 2014-08-31 00:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-31 00:01 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-31 00:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-30 23:48 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-30 23:48 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-30 23:44 - 2014-08-30 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-30 23:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-30 23:40 - 2014-08-30 23:43 - 00000000 ____D () C:\AdwCleaner
2014-08-30 23:12 - 2014-08-30 23:12 - 00000000 ____D () C:\Users\Sylvia\Desktop\revouninstaller-portable
2014-08-30 23:09 - 2014-08-30 23:11 - 03007700 _____ () C:\Users\Sylvia\Desktop\revouninstaller.zip
2014-08-30 23:07 - 2014-08-30 23:18 - 00000000 ____D () C:\Users\Sylvia\AppData\Roaming\Infigo
2014-08-30 23:07 - 2014-08-30 23:08 - 00000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-08-30 12:12 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-30 12:09 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-30 12:09 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-30 11:22 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-30 11:22 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-30 11:22 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-30 11:21 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-30 11:21 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-30 11:21 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-30 11:21 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-30 11:21 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-30 11:21 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-30 11:21 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-30 11:21 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-30 11:21 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-30 11:21 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-30 11:21 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-30 11:20 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-08-30 11:20 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-08-30 11:20 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-08-30 11:20 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-08-30 11:20 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-08-30 11:20 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-08-30 11:19 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-08-30 11:13 - 2014-08-07 08:33 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-30 11:13 - 2014-08-07 05:09 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-30 11:13 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-08-30 11:13 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-08-30 11:13 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-30 11:13 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-30 11:13 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-30 11:13 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-30 11:13 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-30 11:13 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-30 11:13 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-08-30 11:13 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-30 11:13 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-08-30 11:13 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-30 11:12 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-30 11:12 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-30 11:12 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-30 11:12 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-08-30 11:12 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-08-30 11:12 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-30 11:12 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-30 11:12 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-30 11:12 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-30 11:12 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-30 11:12 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-30 11:12 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-30 11:12 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-30 11:12 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-30 11:12 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-30 11:12 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-30 11:12 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-08-30 11:11 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-30 11:11 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-30 11:10 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-08-30 11:10 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:35 - 2014-08-31 16:21 - 00000000 ____D () C:\FRST
2014-08-29 19:58 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-29 19:58 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-29 19:58 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-29 19:57 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-29 19:57 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 16:21 - 2014-08-31 16:21 - 00012711 _____ () C:\Users\Sylvia\Desktop\FRST.txt
2014-08-31 16:21 - 2014-08-29 21:35 - 00000000 ____D () C:\FRST
2014-08-31 16:18 - 2014-01-16 11:47 - 01979694 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 16:16 - 2014-08-31 00:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-31 16:15 - 2014-08-31 16:15 - 00302136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 16:15 - 2014-03-10 00:07 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-08-31 16:15 - 2012-08-03 04:22 - 00039990 _____ () C:\Windows\PFRO.log
2014-08-31 16:15 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-31 16:14 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-31 16:12 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-08-31 16:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-31 15:16 - 2014-08-31 15:16 - 02104320 _____ (Farbar) C:\Users\Sylvia\Desktop\FRST64.exe
2014-08-31 00:53 - 2014-02-21 17:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1985586172-433853276-367623084-1002
2014-08-31 00:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Resources
2014-08-31 00:01 - 2014-08-31 00:01 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-31 00:01 - 2014-08-31 00:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-30 23:52 - 2014-01-16 11:36 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-08-30 23:52 - 2014-01-16 11:36 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-08-30 23:52 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-30 23:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-30 23:45 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-08-30 23:45 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-30 23:44 - 2014-08-30 23:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-30 23:44 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-30 23:44 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-08-30 23:43 - 2014-08-30 23:40 - 00000000 ____D () C:\AdwCleaner
2014-08-30 23:43 - 2014-02-21 17:46 - 00000997 _____ () C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-30 23:43 - 2014-02-21 17:43 - 00000000 ____D () C:\Users\Sylvia
2014-08-30 23:18 - 2014-08-30 23:07 - 00000000 ____D () C:\Users\Sylvia\AppData\Roaming\Infigo
2014-08-30 23:12 - 2014-08-30 23:12 - 00000000 ____D () C:\Users\Sylvia\Desktop\revouninstaller-portable
2014-08-30 23:11 - 2014-08-30 23:09 - 03007700 _____ () C:\Users\Sylvia\Desktop\revouninstaller.zip
2014-08-30 23:08 - 2014-08-30 23:07 - 00000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-08-30 22:35 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-30 22:31 - 2014-03-05 22:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-30 11:14 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-08-29 22:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-29 21:58 - 2014-08-29 21:58 - 00000647 _____ () C:\Users\Sylvia\Desktop\FRST - Verknüpfung.lnk
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-29 21:39 - 2014-01-16 12:48 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-08-29 20:27 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-23 08:47 - 2014-08-30 11:12 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-07 08:33 - 2014-08-30 11:13 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 05:09 - 2014-08-30 11:13 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-02 02:15 - 2014-08-30 23:48 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:15 - 2014-08-30 23:48 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-29 19:54

==================== End Of Log ============================

--- --- ---

--- --- ---

31.08.2014, 14:58	#12
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Ständig öffnen sich Inet Seiten und kriege eine Fehlermeldung Ok... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

31.08.2014, 15:06	#14
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Ständig öffnen sich Inet Seiten und kriege eine Fehlermeldung Du sollst die Datei ja auch auf den Desktop speichern... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Ständig öffnen sich Inet Seiten und kriege eine Fehlermeldung

Plagegeister aller Art und deren Bekämpfung: Ständig öffnen sich Inet Seiten und kriege eine Fehlermeldung