Windows 8.1, Vaio Notebook, Werbewebsiten und Bilder öffnen sich, Links im Text

MissMorgan · 15.04.2015, 20:41

Hallo,

entweder bei dem Update auf Windows 8.1 oder der darauf folgenden Installation von Chrome hat sich das Notebook etwas eingefangen.
Ich hatte auch ein Browser Chrossfire (?) auf der Taskliste.
Bei mir öffnen sich Websiten ungefragt. (Mit Chrome, Firefox und IE) Eigenständige Websiten die mir empfehlen Windows 8.1 aufzuräumen, schneller zu machen oder "couponcouponcoupon", "Amazon schenkt Ihnen 1000 Euro" oder ... oder..
Auch kleine Fenster in Rechteckformat mit Einkaufsvorschlägen (selbst bei Amazon tauchen die auf) oder Quadrate meist mit Verweise auf Software.
Passiert oft - aber nicht immer, wenn ich die Scrollleiste betätige.

Im Text habe ich viele Links (also Wörter die blau unterlegt sind und oben rechts ein grüber Kreis mit Pfeil), gehe ich darauf gibt es wieder Softwareempfehlungen.

Ich habe McAfee All Access Total Protection installiert und seitdem kein Chrossfire mehr. Macht ja nix. Aber die Websiten gehen so schnell auf, dass ein Arbeiten echt keinen Spaß macht.
Dann habe ich Avira heruntergeladen. Wenn ich es installieren will, sagt es mir keine Intenetverbindung. Gebe ich bei McAfee die Ausnahme ein, passiert dennoch nichts.

Ich bin langsam so weit, dass ich gerne den PC platt machen möchte. Weiss aber gar nicht mehr wie das geht.

Danke schon einmal vorab!

deeprybka · 15.04.2015, 21:09

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

MissMorgan · 15.04.2015, 22:05

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by Katja (administrator) on SOPHIE on 15-04-2015 22:55:16
Running from C:\Users\Katja\Downloads
Loaded Profiles: Katja (Available profiles: Katja)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\networkclient.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcchhost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(telegate MEDIA AG) C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(telegate MEDIA AG) C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kstart32.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\...\Run: [GoogleChromeAutoLaunch_F9A37A179D42A9D4DAEF4203F1E45541] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Inversmonitor.lnk
ShortcutTarget: Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Inversmonitor.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmon.exe (telegate MEDIA AG)
Startup: C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Schnellstarter.lnk
ShortcutTarget: Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Schnellstarter.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kstart32.exe (telegate MEDIA AG)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:64594;https=127.0.0.1:64594
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu/
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1175517667-2539168784-3350642445-1001 -> {EDEE0751-9E01-4550-9E76-E41D186417F6} URL = https://de.search.yahoo.com/search?fr=mcafee&type=A011DE128&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-05-31] (Qualcomm Atheros Commnucations)
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-04-13] (McAfee)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-04-13] (McAfee)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-04-13] (McAfee)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-04-13] (McAfee)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default
FF DefaultSearchEngine: GMX Suche
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=A111DE128&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-25] (Google Inc.)
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\englische-ergebnisse.xml [2014-06-22]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\gmx-suche.xml [2014-06-22]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\lastminute.xml [2014-06-22]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\webde-suche.xml [2014-06-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-04-14]
FF Extension: No Name - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-03-25]
FF Extension: firefoxbookmarkcheckereverhelperme - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\firefoxbookmarkchecker@everhelper.me [2015-04-05]
FF Extension: jid1CGxMej0nDJTjwQjetpack - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\jid1-CGxMej0nDJTjwQ@jetpack [2015-04-05]
FF Extension: No Name - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\quick_searchff@gmail.com [2015-04-14]
FF Extension: GMX MailCheck - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\toolbar@gmx.net [2015-02-28]
FF Extension: No Name - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\WQNKK59573794@WAYA30227232.com [2015-03-25]
FF Extension: McAfee SafeKey - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B} [2015-04-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-04-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-04-13]
FF HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR Profile: C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (McAfee SafeKey) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2015-04-14]
CHR Extension: (Google Docs) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (djaoeafihpfaakkpdobmhedohgnmhpbp) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp [2015-04-05]
CHR Extension: (SiteAdvisor) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-04-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (nbglmejghppifhhbdhbaijiagbaedeec) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbglmejghppifhhbdhbaijiagbaedeec [2015-04-05]
CHR Extension: (Google Wallet) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-13]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2015-04-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0007641429073812mcinstcleanup; C:\WINDOWS\TEMP\000764~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2015-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [506928 2013-02-05] (Samsung Electronics Co., Ltd.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2015-04-13] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2015-02-28] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 22:55 - 2015-04-15 22:56 - 00031092 _____ () C:\Users\Katja\Downloads\FRST.txt
2015-04-15 22:54 - 2015-04-15 22:55 - 00000000 ____D () C:\FRST
2015-04-15 22:51 - 2015-04-15 22:52 - 02097664 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2015-04-15 21:41 - 2015-04-15 21:41 - 00004976 _____ () C:\Users\Katja\Desktop\Websitenproblem.odt
2015-04-15 21:16 - 2015-04-15 21:16 - 00001066 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-04-15 21:16 - 2015-04-15 21:16 - 00001046 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-04-15 21:16 - 2015-04-15 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-04-15 20:53 - 2015-04-15 20:53 - 04625104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katja\Downloads\avira_de_av_552eb36c98e81__wsm.exe
2015-04-15 20:53 - 2015-04-15 20:53 - 00001198 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\ProgramData\Avira
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-14 08:43 - 2015-04-14 08:50 - 00000000 ____D () C:\AdwCleaner
2015-04-14 08:41 - 2015-04-14 08:41 - 02217984 _____ () C:\Users\Katja\Downloads\adwcleaner_4.201.exe
2015-04-14 08:26 - 2015-04-14 08:27 - 00560552 _____ (Oracle Corporation) C:\Users\Katja\Downloads\jre-8u40-windows-i586-iftw.exe
2015-04-14 07:31 - 2015-04-14 07:31 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-13 13:26 - 2015-04-13 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-13 13:26 - 2015-04-13 13:26 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-04-13 13:25 - 2015-04-13 13:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-13 13:24 - 2015-04-13 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-13 13:23 - 2015-04-13 13:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-13 13:23 - 2015-04-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-13 13:19 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-13 13:19 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-13 13:19 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-04-13 13:19 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-04-13 13:18 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-13 13:18 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-04-13 13:18 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-04-13 13:18 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-04-13 13:18 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-04-13 13:18 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-04-13 13:18 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-04-13 13:18 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-04-13 13:18 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-04-13 13:18 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-04-13 13:18 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-04-13 13:18 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-04-13 13:18 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-04-13 13:18 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-04-13 13:18 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-04-13 13:18 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-04-13 13:18 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-04-13 13:18 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-04-13 13:18 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-04-13 13:18 - 2014-11-08 06:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-13 13:18 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-04-13 13:18 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-04-13 13:18 - 2014-11-08 05:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-13 13:18 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-04-13 13:18 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-04-13 13:18 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-04-13 13:18 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-04-13 13:18 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-04-13 13:18 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-04-13 13:18 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-04-13 13:18 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-04-13 13:18 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-04-13 13:18 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-04-13 13:18 - 2014-11-08 04:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-13 13:18 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-04-13 13:18 - 2014-11-08 03:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-13 13:18 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-04-13 13:18 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-04-13 13:18 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-04-13 13:18 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-04-13 13:18 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-04-13 13:18 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-04-13 13:18 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-04-13 13:18 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-04-13 13:18 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-04-13 13:18 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-04-13 13:18 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-04-13 13:18 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-04-13 13:18 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-04-13 13:18 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-04-13 13:18 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-04-13 13:18 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-04-13 13:18 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-04-13 13:18 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-04-13 13:18 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-04-13 13:18 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-04-13 13:18 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-04-13 13:18 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-04-13 13:18 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-04-13 13:18 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-04-13 13:18 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-04-13 13:18 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-04-13 13:18 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-04-13 13:18 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-04-13 13:18 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-04-13 13:18 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-04-13 13:18 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-04-13 13:18 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-04-13 13:18 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-04-13 13:18 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-04-13 13:18 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-04-13 13:18 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-04-13 13:18 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-04-13 13:18 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-04-13 13:18 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-04-13 13:18 - 2014-10-17 06:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-04-13 13:18 - 2014-10-17 06:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-04-13 13:18 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-04-13 13:18 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-04-13 13:16 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-13 13:16 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-13 13:16 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-13 13:16 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-13 13:16 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-13 13:16 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-13 13:16 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-13 13:16 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-13 13:16 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-13 13:16 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-13 13:16 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-13 13:16 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-13 13:16 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-13 13:16 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-13 13:16 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-13 13:16 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-13 13:16 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-13 13:16 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-13 13:16 - 2014-10-18 08:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-13 13:15 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-13 13:15 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-04-13 13:07 - 2015-04-15 22:18 - 00001871 _____ () C:\Users\Public\Desktop\McAfee All Access – Total Protection.lnk
2015-04-13 13:05 - 2015-04-15 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-04-13 13:05 - 2015-04-14 08:57 - 00000000 __RSD () C:\Users\Katja\Documents\McAfee-Tresore
2015-04-13 13:05 - 2015-04-13 13:11 - 00000000 ____D () C:\Program Files (x86)\SafeKey
2015-04-13 13:05 - 2015-04-13 13:05 - 00000000 ____D () C:\Users\Katja\AppData\Local\McAfee File Lock
2015-04-13 13:05 - 2015-04-13 13:05 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2015-04-13 13:05 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-04-13 13:05 - 2013-09-09 11:11 - 00074560 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\McPvDrv.sys
2015-04-13 13:04 - 2015-04-13 13:06 - 00000000 ____D () C:\Program Files\McAfee
2015-04-13 13:04 - 2015-04-13 13:04 - 00000000 ____D () C:\Program Files\McAfee.com
2015-04-13 13:03 - 2015-04-15 06:56 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-13 12:52 - 2015-04-13 12:52 - 00000000 ____D () C:\Quarantine
2015-04-13 12:51 - 2015-04-13 13:06 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-04-13 12:51 - 2015-04-13 12:55 - 00000000 ____D () C:\Program Files\stinger
2015-04-13 12:51 - 2015-04-13 12:52 - 00189912 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2015-04-13 12:50 - 2015-04-13 12:51 - 05159072 _____ (McAfee, Inc.) C:\Users\Katja\Downloads\Setup_serial_tWKooDA_bHetTQxNBnePKQ2_key(1).exe
2015-04-13 12:50 - 2015-04-13 12:50 - 05159072 _____ (McAfee, Inc.) C:\Users\Katja\Downloads\Setup_serial_tWKooDA_bHetTQxNBnePKQ2_key.exe
2015-04-13 12:22 - 2015-04-13 12:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-04-13 12:22 - 2015-04-13 12:22 - 00000000 ____D () C:\Program Files\DIFX
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Gast
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Administrator
2015-04-12 20:45 - 2015-04-12 20:45 - 00000000 ____D () C:\ProgramData\Doctor Web
2015-04-12 20:38 - 2015-04-12 21:08 - 00000000 ____D () C:\Users\Katja\Doctor Web
2015-04-12 20:36 - 2015-04-12 20:37 - 165319680 _____ () C:\Users\Katja\Downloads\DRWeb.exe
2015-04-09 19:56 - 2015-04-09 20:02 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-09 19:56 - 2015-04-09 19:56 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-08 22:47 - 2015-04-12 19:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-08 20:12 - 2015-04-08 20:12 - 00243241 _____ () C:\Users\Katja\Desktop\Map.html
2015-04-08 20:12 - 2015-04-08 20:12 - 00000000 ____D () C:\Users\Katja\Desktop\Map_files
2015-04-02 11:54 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-04-02 11:54 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-04-02 11:53 - 2015-02-20 05:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-04-02 11:53 - 2015-02-20 04:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-04-02 11:53 - 2015-02-20 04:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-04-02 11:53 - 2015-02-20 04:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-04-02 11:53 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-04-02 11:53 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-04-02 11:52 - 2015-03-06 04:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-04-02 11:52 - 2015-03-06 04:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-04-02 11:52 - 2015-02-26 01:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-04-02 11:52 - 2015-02-04 01:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-04-02 11:52 - 2015-02-04 01:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-04-02 11:52 - 2015-02-04 01:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-04-02 11:52 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-04-02 11:52 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-04-02 11:52 - 2015-01-31 01:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-04-02 11:52 - 2015-01-31 01:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-04-02 11:52 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-04-02 11:52 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-04-02 11:51 - 2015-02-07 01:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-04-02 11:51 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-04-02 11:51 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-04-02 11:49 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-02 11:49 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-02 11:49 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-04-02 11:49 - 2015-02-21 02:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-04-02 11:49 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-02 11:49 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-02 11:49 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-04-02 11:49 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-02 11:49 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-02 11:49 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-04-02 11:49 - 2015-02-20 04:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-02 11:49 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-04-02 11:49 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-02 11:49 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-02 11:49 - 2015-02-20 04:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-04-02 11:49 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-04-02 11:49 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-04-02 11:49 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-02 11:49 - 2015-02-20 03:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-02 11:49 - 2015-02-20 03:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-02 11:49 - 2015-02-20 03:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-04-02 11:49 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-02 11:49 - 2015-02-20 03:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-04-02 11:49 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-04-02 11:49 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-02 11:49 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-02 11:49 - 2015-02-20 03:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-02 11:49 - 2015-02-20 03:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-04-02 11:49 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-02 11:49 - 2015-02-20 03:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-04-02 11:49 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-04-02 11:49 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-02 11:49 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-02 11:49 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-02 11:49 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-02 11:49 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-02 11:49 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-02 11:48 - 2015-02-06 03:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-04-02 11:48 - 2015-02-06 03:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-04-02 11:48 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-04-02 11:48 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-04-02 11:48 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-04-02 11:48 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-04-02 11:48 - 2015-01-30 05:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-04-02 11:48 - 2015-01-30 05:00 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-04-02 11:48 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-04-02 11:48 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-04-02 11:48 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-04-02 11:48 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-04-02 11:48 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-04-02 11:48 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-04-02 11:48 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-04-02 11:48 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-04-02 11:48 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-04-02 11:48 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-04-02 11:48 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-04-02 11:48 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-04-02 11:48 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-04-02 11:48 - 2015-01-29 20:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-04-02 11:48 - 2015-01-29 20:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-04-02 11:48 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-02 11:48 - 2015-01-29 03:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-04-02 11:48 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-04-02 11:48 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-04-02 11:48 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-04-02 11:48 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-04-02 11:48 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-04-02 11:48 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-04-02 11:48 - 2015-01-28 17:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-02 11:48 - 2015-01-28 17:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-02 11:48 - 2015-01-28 17:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-02 11:48 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-04-02 11:48 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-04-02 11:48 - 2015-01-27 06:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-04-02 11:48 - 2015-01-27 04:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-04-02 11:48 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-04-02 11:47 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-04-02 11:47 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-04-02 11:47 - 2014-11-10 01:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-02 11:47 - 2014-11-10 01:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-02 11:42 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-04-02 11:42 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-04-02 11:41 - 2015-02-12 19:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-04-02 11:41 - 2015-02-12 19:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-04-02 11:41 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-04-02 11:41 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-04-02 11:40 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-04-02 11:40 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-04-02 11:40 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-04-02 11:40 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-04-02 11:40 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-04-01 20:22 - 2015-04-01 20:22 - 00356200 _____ (Dropbox, Inc.) C:\Users\Katja\Downloads\DropboxInstaller.exe
2015-03-25 21:24 - 2015-04-12 19:50 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-25 20:25 - 2015-04-04 09:35 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-25 20:25 - 2015-03-25 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-25 20:23 - 2015-04-15 22:34 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-25 20:23 - 2015-04-14 08:52 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-25 20:23 - 2015-04-13 15:01 - 00000000 ____D () C:\Program Files (x86)\System NotifierV25.03
2015-03-25 20:23 - 2015-04-13 15:00 - 00000000 ____D () C:\Program Files (x86)\MediaPlayr2.7
2015-03-25 20:23 - 2015-04-13 13:45 - 00000000 ____D () C:\Program Files (x86)\HQ Video Pro 3.1cV25.03
2015-03-25 20:23 - 2015-03-25 20:29 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-25 20:23 - 2015-03-25 20:29 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-25 20:23 - 2015-03-25 20:25 - 00000000 ____D () C:\Users\Katja\AppData\Local\Google
2015-03-25 20:23 - 2015-03-25 20:24 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-25 20:18 - 2015-03-25 20:18 - 00000000 __SHD () C:\Users\Katja\AppData\Local\EmieUserList
2015-03-25 20:18 - 2015-03-25 20:18 - 00000000 __SHD () C:\Users\Katja\AppData\Local\EmieSiteList
2015-03-25 20:18 - 2015-03-25 20:18 - 00000000 __SHD () C:\Users\Katja\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 22:56 - 2012-09-25 17:43 - 00000000 ____D () C:\ProgramData\MOCP
2015-04-15 22:49 - 2015-03-10 07:01 - 02062757 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-15 22:23 - 2013-02-07 00:53 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1175517667-2539168784-3350642445-1001
2015-04-15 22:01 - 2013-02-19 14:23 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-15 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-15 21:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-15 21:16 - 2013-02-20 00:44 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-04-15 20:08 - 2013-02-19 14:23 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-15 20:08 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-15 06:56 - 2012-09-25 17:21 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-14 08:53 - 2015-03-10 13:15 - 00000000 ____D () C:\Users\Katja\OneDrive
2015-04-14 08:51 - 2013-08-22 16:46 - 00286814 _____ () C:\WINDOWS\setupact.log
2015-04-14 08:51 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-14 08:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-14 08:49 - 2015-03-10 06:37 - 00000000 ____D () C:\Users\Katja
2015-04-14 08:01 - 2012-09-25 18:05 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-04-14 08:01 - 2012-09-25 18:03 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-14 07:44 - 2014-11-21 05:35 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-14 07:44 - 2014-11-21 04:45 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-14 07:44 - 2014-11-21 04:45 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-14 07:41 - 2013-02-07 01:14 - 00000000 ____D () C:\Update
2015-04-14 07:34 - 2014-11-20 20:24 - 00056102 _____ () C:\WINDOWS\PFRO.log
2015-04-14 07:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-04-14 07:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-04-14 07:31 - 2014-11-21 12:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-13 13:26 - 2015-02-28 23:11 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2015-04-13 13:26 - 2013-08-22 16:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2015-04-13 13:24 - 2014-06-22 21:03 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-13 13:23 - 2013-02-07 01:10 - 00000000 ____D () C:\ProgramData\Skype
2015-04-13 13:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-13 13:05 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-04-13 12:52 - 2014-06-20 10:26 - 00786296 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys
2015-04-13 12:23 - 2012-09-25 17:31 - 00001587 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
2015-04-13 12:23 - 2012-09-25 17:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-13 12:22 - 2012-09-25 17:07 - 00039416 _____ () C:\WINDOWS\DPINST.LOG
2015-04-13 12:22 - 2012-09-25 17:07 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-04-13 12:21 - 2012-09-25 17:23 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-13 12:20 - 2012-09-25 17:54 - 00000000 ____D () C:\Program Files\Sony
2015-04-13 12:15 - 2015-02-28 23:06 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\iolo
2015-04-13 12:14 - 2013-02-07 00:48 - 00000000 ____D () C:\Users\Katja\AppData\Local\Sony Corporation
2015-04-12 21:10 - 2013-02-19 13:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-12 19:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-11 05:36 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-09 20:01 - 2013-08-22 16:44 - 00481504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-09 19:59 - 2015-03-01 00:16 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-04-09 19:57 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-03 05:18 - 2013-02-07 00:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-03 05:18 - 2012-07-26 07:26 - 00000199 _____ () C:\WINDOWS\win.ini
2015-04-03 05:11 - 2014-04-03 12:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-03 05:06 - 2013-02-07 13:43 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-01 23:16 - 2012-09-25 17:23 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Sony Corporation
2015-04-01 23:14 - 2015-03-10 13:11 - 00001465 _____ () C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-01 23:14 - 2013-02-19 13:59 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-01 23:12 - 2013-02-14 15:24 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\WildTangent
2015-04-01 23:12 - 2012-09-25 18:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-25 20:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore

==================== Files in the root of some directories =======

2015-04-13 13:06 - 2015-04-13 13:06 - 27093992 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe

Some content of TEMP:
====================
C:\Users\Katja\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Katja\AppData\Local\Temp\Quarantine.exe
C:\Users\Katja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-13 05:07

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04
Ran by Katja at 2015-04-15 22:57:29
Running from C:\Users\Katja\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HQ Video Pro 3.1cV25.03 (HKLM-x32\...\HQ Video Pro 3.1cV25.03) (Version: 1.36.01.22 - HQ VideoV25.03)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
klickTel Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 (HKLM-x32\...\{19C884FB-4168-4281-B4A4-C110C9E850DA}) (Version: 1.00.0000 - telegate MEDIA AG)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.1.10 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
MediaPlayr2.7 (HKLM-x32\...\MediaPlayr2.7) (Version: 1.36.01.22 - NewPlayRVideo)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28146 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Samsung C460 Series (HKLM-x32\...\Samsung C460 Series) (Version: 1.04 (04.12.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.61 (10.04.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(03.05.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.03 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.09.14 (05.02.2013) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.09 (11.03.2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
System NotifierV25.03 (HKLM-x32\...\System NotifierV25.03) (Version: 1.36.01.22 - System NotifierV25.03)
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

25-03-2015 20:23:33 Uniblue SpeedUpMyPC installation
01-04-2015 23:16:33 Entfernt Xperia Link
09-04-2015 06:34:40 Geplanter Prüfpunkt
13-04-2015 12:21:18 Installiert VAIO Hardware Diagnostics

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0912766A-F3D0-4242-88E1-CC6676AC3478} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {0A7E9A17-7A8B-4952-909A-8FBB3D57215F} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {1138DC6F-66CD-49AB-949C-9E13341CE715} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {122C16EA-39BB-4127-ACAA-880AE4D5B177} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-03] (Microsoft Corporation)
Task: {126FD3F2-AB54-4D2E-A3B8-A7ADEC4AB635} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {1627D5DA-2037-48A0-BEDF-F96C4E86B145} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {1BB8C29E-66B2-48BF-A857-AE48EA6B7D8F} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {1F34AB51-CE98-47A7-877C-1B29CDD18700} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {31668625-3A7A-45E7-A7BA-C1026058F376} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {3A22B7FF-1B99-4514-8321-D43A37E96519} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {3A6F6DF5-4E35-403A-BECA-BC6E0C9BDD76} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {56C38484-B9B2-4885-9B5F-9941444D978D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5932B7C8-511A-423D-AE2F-F18A0AB8B9A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {669D5E91-3262-4137-9F3E-252715F470BD} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {6942C439-36F3-4583-8412-A8E251A42A9B} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {6D7FD032-5500-4D9A-A368-AA2BFACD9596} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6EB8BF52-A2BA-4DB0-B081-D9C9B9326B50} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {766C73B2-1DE3-4225-B90E-D542DE32E65B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {867CA1B7-DA2F-4768-91CA-F00FBDA3E236} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {877D3ECE-0AA1-42C1-AF84-718918A9C48D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {8F9B7BCE-D3CC-49D7-821F-B16DE1C7559C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {9BBB9AA3-0D7C-490A-90B0-BD3015CDCC7A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9D38D3B7-644F-4BA2-868D-29D075A0C5D2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9E99D3D5-8E36-4114-8938-1A5A0485B209} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AA895FD5-C8F9-4362-AC0D-449BA761B816} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BADF80F5-16F4-4D6A-8F93-36FA8E6BF56B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {BF1F4793-5373-4E06-A940-14B107BB9CF3} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D2B0DF18-BE05-44AB-9C45-605F2558C9C7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {E1E6F237-4DF5-4C71-A459-10593DAB5DA8} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E2E416E3-859E-4C0F-954C-FB7AD7E18765} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {E5608EAE-71C4-418E-B7FA-9C390724A001} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {EBDF3323-C3EF-4439-8F4C-DE6FDB95C413} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {EF606058-2E61-4474-812D-8A0DFA6EA591} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {F20E10B1-AC6F-46E8-85E8-36468F325251} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {F8E8E42C-7D79-47FF-9E31-0EABE3972145} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-04 06:19 - 2014-12-04 06:19 - 00029184 _____ () C:\WINDOWS\System32\sst9clm.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-31 02:23 - 2013-05-31 02:23 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-31 02:19 - 2013-05-31 02:19 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-31 02:53 - 2013-05-31 02:53 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-05-31 02:59 - 2013-05-31 02:59 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-05-31 02:09 - 2013-05-31 02:09 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2013-11-19 11:21 - 2013-11-19 11:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2012-09-25 17:54 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-04 09:35 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-04 09:35 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-04 09:35 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2014-04-03 12:57 - 1999-03-02 09:12 - 00372736 _____ () C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\KSDB32.DLL
2014-04-03 12:57 - 2008-07-10 10:06 - 00430080 _____ () C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmricapi.dll
2014-04-03 12:57 - 2004-12-02 19:07 - 00384000 _____ () C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmritapi.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2015-04-04 09:35 - 2015-03-30 23:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll
2012-09-25 17:14 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-19 11:21 - 2013-11-19 11:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Katja\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Katja\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\leverage full cast.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1175517667-2539168784-3350642445-500 - Administrator - Disabled)
Gast (S-1-5-21-1175517667-2539168784-3350642445-501 - Limited - Disabled)
Katja (S-1-5-21-1175517667-2539168784-3350642445-1001 - Administrator - Enabled) => C:\Users\Katja

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2015 09:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504eb8
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c850f5
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ec500
ID des fehlerhaften Prozesses: 0x149c
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2
Berichtskennung: rundll32.exe_winethc.dll3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5

Error: (04/14/2015 08:55:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Name des fehlerhaften Moduls: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000c6939
ID des fehlerhaften Prozesses: 0x904
Startzeit der fehlerhaften Anwendung: 0xOcpHelper.exe0
Pfad der fehlerhaften Anwendung: OcpHelper.exe1
Pfad des fehlerhaften Moduls: OcpHelper.exe2
Berichtskennung: OcpHelper.exe3
Vollständiger Name des fehlerhaften Pakets: OcpHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OcpHelper.exe5

Error: (04/14/2015 08:49:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 0x551e1536
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1bcc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (04/14/2015 07:44:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d44

Startzeit: 01d076754ff33eba

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 47c91b20-e269-11e4-be8d-083e8eb7797a

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/14/2015 07:40:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Name des fehlerhaften Moduls: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000c6939
ID des fehlerhaften Prozesses: 0xe48
Startzeit der fehlerhaften Anwendung: 0xOcpHelper.exe0
Pfad der fehlerhaften Anwendung: OcpHelper.exe1
Pfad des fehlerhaften Moduls: OcpHelper.exe2
Berichtskennung: OcpHelper.exe3
Vollständiger Name des fehlerhaften Pakets: OcpHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OcpHelper.exe5

Error: (04/14/2015 07:33:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007fff2ca79a71
ID des fehlerhaften Prozesses: 0x1078
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (04/14/2015 07:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Name des fehlerhaften Moduls: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000c6939
ID des fehlerhaften Prozesses: 0x1fd8
Startzeit der fehlerhaften Anwendung: 0xOcpHelper.exe0
Pfad der fehlerhaften Anwendung: OcpHelper.exe1
Pfad des fehlerhaften Moduls: OcpHelper.exe2
Berichtskennung: OcpHelper.exe3
Vollständiger Name des fehlerhaften Pakets: OcpHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OcpHelper.exe5

Error: (04/13/2015 02:41:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d60

Startzeit: 01d075e010a214a4

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 68ba7398-e1da-11e4-be8c-083e8eb7797a

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2015 01:22:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mcsync.exe, Version: 12.8.958.0, Zeitstempel: 0x535e8c08
Name des fehlerhaften Moduls: McRtMui.dll_unloaded, Version: 3.8.702.2, Zeitstempel: 0x51f30813
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000037f7
ID des fehlerhaften Prozesses: 0x16c
Startzeit der fehlerhaften Anwendung: 0xmcsync.exe0
Pfad der fehlerhaften Anwendung: mcsync.exe1
Pfad des fehlerhaften Moduls: mcsync.exe2
Berichtskennung: mcsync.exe3
Vollständiger Name des fehlerhaften Pakets: mcsync.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mcsync.exe5

Error: (04/13/2015 01:12:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm VAIOShell.exe, Version 8.4.2.12030 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d44

Startzeit: 01d075d22c943b41

Endzeit: 389

Anwendungspfad: C:\Program Files\Sony\VAIO Care\VAIOShell.exe

Berichts-ID: fda3e2c5-e1cd-11e4-be8c-083e8eb7797a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (04/15/2015 10:16:07 PM) (Source: DCOM) (EventID: 10010) (User: SOPHIE)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (04/14/2015 08:56:48 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (04/14/2015 08:50:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/14/2015 08:50:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/14/2015 08:50:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VAIO Event Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/14/2015 08:50:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Samsung Network Fax Server" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/14/2015 08:50:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/14/2015 08:49:33 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (04/14/2015 08:49:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/14/2015 08:49:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/15/2015 09:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_winethc.dll6.3.9600.1741554504eb8USER32.dll6.3.9600.1766854c850f5c000014200000000000ec500149c01d077b415d34437C:\WINDOWS\System32\rundll32.exeUSER32.dll5392f52f-e3a7-11e4-be8e-083e8eb7797a

Error: (04/14/2015 08:55:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OcpHelper.exe3.2.226.052e6a3c7OcpHelper.exe3.2.226.052e6a3c74000001500000000000c693990401d0768002ce1ba3C:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exe42ca5349-e273-11e4-be8e-083e8eb7797a

Error: (04/14/2015 08:49:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa11bcc01d07678bffc61feC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll58487274-e272-11e4-be8d-083e8eb7797a

Error: (04/14/2015 07:44:17 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689d4401d076754ff33eba4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe47c91b20-e269-11e4-be8d-083e8eb7797amicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/14/2015 07:40:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OcpHelper.exe3.2.226.052e6a3c7OcpHelper.exe3.2.226.052e6a3c74000001500000000000c6939e4801d076756ef59980C:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeb0f00de5-e268-11e4-be8d-083e8eb7797a

Error: (04/14/2015 07:33:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007fff2ca79a71107801d075d22ca4b8d0c:\program files\Sony\vaio care\VCAgent.exeunknownbf6f0ee4-e267-11e4-be8c-083e8eb7797a

Error: (04/14/2015 07:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OcpHelper.exe3.2.226.052e6a3c7OcpHelper.exe3.2.226.052e6a3c74000001500000000000c69391fd801d07673d9d93f24C:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exe1d5a5cbe-e267-11e4-be8c-083e8eb7797a

Error: (04/13/2015 02:41:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.206891d6001d075e010a214a44294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe68ba7398-e1da-11e4-be8c-083e8eb7797amicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (04/13/2015 01:22:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcsync.exe12.8.958.0535e8c08McRtMui.dll_unloaded3.8.702.251f30813c000000500000000000037f716c01d075dc12fa4f38C:\PROGRA~1\McAfee\MSC\mcsync.exeMcRtMui.dll5601d36c-e1cf-11e4-be8c-083e8eb7797a

Error: (04/13/2015 01:12:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: VAIOShell.exe8.4.2.12030d4401d075d22c943b41389C:\Program Files\Sony\VAIO Care\VAIOShell.exefda3e2c5-e1cd-11e4-be8c-083e8eb7797a


CodeIntegrity Errors:
===================================
  Date: 2015-04-13 05:08:54.179
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-10 04:28:48.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-11 06:44:54.544
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 8069.28 MB
Available physical RAM: 3639.38 MB
Total Pagefile: 9349.28 MB
Available Pagefile: 4017.13 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (John McRory) (Fixed) (Total:267.65 GB) (Free:206.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 3693E23B)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

deeprybka · 15.04.2015, 22:08

Hi,
bitte mal diese Scans durchführen:

Schritt 1

Schließe alle offenen Programme und Browser.
Starte bitte Adwcleaner.
Klicke auf Suchen und warte, bis der Suchlauf abgeschlossen ist.
Klicke nun auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Sx].txt. (x = fortlaufende Nummer).

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

MissMorgan · 15.04.2015, 22:22

Hmm. Also der AdwCleaner hat eine Application von McAfee gefunden und fünf Windows Software Infos. Bei einem gesetzten Haken würden die gelöscht werden und da bin ich schon unsicher. Soll ich das wirklich tun? Hier das Log
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.201 - Bericht erstellt 15/04/2015 um 23:13:03
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Katja - SOPHIE
# Gestarted von : C:\Users\Katja\Downloads\adwcleaner_4.201 (1).exe
# Option : Suchlauf

***** [ Dienste ] *****

Dienst Gefunden : 0007641429073812mcinstcleanup

***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:64594;hxxps=127.0.0.1:64594
Wert Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Wert Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.1 (x86 de)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R0].txt - [16209 Bytes] - [14/04/2015 08:43:18]
AdwCleaner[R1].txt - [1392 Bytes] - [15/04/2015 23:13:03]
AdwCleaner[S0].txt - [14540 Bytes] - [14/04/2015 08:49:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1511 Bytes] ##########

--- --- ---

[/CODE]

deeprybka · 15.04.2015, 22:23

Das ist nicht das Adwcleaner-Log...

MissMorgan · 15.04.2015, 22:39

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.201 - Bericht erstellt 15/04/2015 um 23:13:03
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Katja - SOPHIE
# Gestarted von : C:\Users\Katja\Downloads\adwcleaner_4.201 (1).exe
# Option : Suchlauf

***** [ Dienste ] *****

Dienst Gefunden : 0007641429073812mcinstcleanup

***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:64594;hxxps=127.0.0.1:64594
Wert Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Wert Gefunden : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.1 (x86 de)


-\\ Google Chrome v41.0.2272.118


*************************

AdwCleaner[R0].txt - [16209 Bytes] - [14/04/2015 08:43:18]
AdwCleaner[R1].txt - [1392 Bytes] - [15/04/2015 23:13:03]
AdwCleaner[S0].txt - [14540 Bytes] - [14/04/2015 08:49:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1511 Bytes] ##########

--- --- ---

[/CODE]

deeprybka · 15.04.2015, 22:43

Funde löschen lassen und weiter mit dem nächsten Schritt.

MissMorgan · 18.04.2015, 10:03

Also, der Cleaner hat null gebracht. Selbst der McAfee Kaufshop geht immer wieder auf, obwohl er ihn doch erkannt hat. Ich mache jetzt mit Malware weiter...
Übrigens habe ich - nachdem ich bald wahnsinnig wurde nach all den sich öffnenden und fehlgeleiteten Websiten - nun den IE geöffnet und da tritt das Problem nicht wirklich auf. Jedenfalls kann ich nun wieder arbeiten... Und nachdem ich mal nicht wutendbrannt rumschreie, bedanke ich mich mal zwischendurch für die Hilfe :-)

deeprybka · 18.04.2015, 10:46

Sicher dass Du mit dem Adwcleaner auch die Sachen gelöscht hast? Hast bis jetzt nur Suchlaufprotokolle gepostet.

Code:

ATTFilter

# Gestarted von : C:\Users\Katja\Downloads\adwcleaner_4.201 (1).exe
# Option : Suchlauf

MissMorgan · 18.04.2015, 12:43

Hatte auf "löschen" gedrückt und Windows hat auch neu gestartet.
Nun habe ich es noch einmal gestartet.

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.201 - Bericht erstellt 18/04/2015 um 12:50:55
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-18.3 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Katja - SOPHIE
# Gestarted von : C:\Users\Katja\AppData\Local\Microsoft\Windows\INetCache\IE\5UDTIU4Q\adwcleaner_4.201 (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:64594;hxxps=127.0.0.1:64594
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.1 (x86 de)


-\\ Google Chrome v42.0.2311.90


*************************

AdwCleaner[R0].txt - [16209 Bytes] - [14/04/2015 08:43:18]
AdwCleaner[R1].txt - [1590 Bytes] - [15/04/2015 23:13:03]
AdwCleaner[R2].txt - [1698 Bytes] - [18/04/2015 12:44:15]
AdwCleaner[R3].txt - [1761 Bytes] - [18/04/2015 12:48:27]
AdwCleaner[S0].txt - [14540 Bytes] - [14/04/2015 08:49:07]
AdwCleaner[S1].txt - [1422 Bytes] - [18/04/2015 10:13:50]
AdwCleaner[S2].txt - [1451 Bytes] - [18/04/2015 12:50:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1510  Bytes] ##########

--- --- ---

[/CODE]

Hmm, jetzt ist mein letztes Logbild nicht mehr zu sehen. Ja, ich hatte gelöscht und eben noch einmal einen Suchlauf gestartet.
Malwarebytes Anti-Malware hat beim ersten Durchlauf vierhundert Bedrohungen gefunden, die ich gelöscht habe.

So, Chrome zeigt erst einmal kein seltsames Verhalten in den letzten fünf Minuten, gibt es noch etwas was ich tun kann?

Danke!

deeprybka · 18.04.2015, 15:22

Wir sind noch lange nicht fertig!

Bitte das Log von Malwarebytes posten und dann gleich noch frische FRST-Logs hinterher.

Schritt 1

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

MissMorgan · 24.04.2015, 13:51

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 24.04.2015
Suchlauf-Zeit: 13:22:04
Logdatei: 
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.24.02
Rootkit Datenbank: v2015.04.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Katja

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 400585
Verstrichene Zeit: 35 Min, 57 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2015 02
Ran by Katja at 2015-04-24 14:14:21
Running from C:\Users\Katja\AppData\Local\Microsoft\Windows\INetCache\IE\046Q14JA
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1175517667-2539168784-3350642445-500 - Administrator - Disabled)
Gast (S-1-5-21-1175517667-2539168784-3350642445-501 - Limited - Disabled)
Katja (S-1-5-21-1175517667-2539168784-3350642445-1001 - Administrator - Enabled) => C:\Users\Katja

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HQ Video Pro 3.1cV25.03 (HKLM-x32\...\HQ Video Pro 3.1cV25.03) (Version: 1.36.01.22 - HQ VideoV25.03)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
klickTel Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 (HKLM-x32\...\{19C884FB-4168-4281-B4A4-C110C9E850DA}) (Version: 1.00.0000 - telegate MEDIA AG)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.1.10 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MediaPlayr2.7 (HKLM-x32\...\MediaPlayr2.7) (Version: 1.36.01.22 - NewPlayRVideo)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28146 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Samsung C460 Series (HKLM-x32\...\Samsung C460 Series) (Version: 1.04 (04.12.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.61 (10.04.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(03.05.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.03 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.09.14 (05.02.2013) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.09 (11.03.2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.206 - McAfee, Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
System NotifierV25.03 (HKLM-x32\...\System NotifierV25.03) (Version: 1.36.01.22 - System NotifierV25.03) <==== ATTENTION!
VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-04-2015 06:34:40 Geplanter Prüfpunkt
13-04-2015 12:21:18 Installiert VAIO Hardware Diagnostics
21-04-2015 19:28:30 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0912766A-F3D0-4242-88E1-CC6676AC3478} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {0A7E9A17-7A8B-4952-909A-8FBB3D57215F} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {1138DC6F-66CD-49AB-949C-9E13341CE715} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {126FD3F2-AB54-4D2E-A3B8-A7ADEC4AB635} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {1627D5DA-2037-48A0-BEDF-F96C4E86B145} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {1BB8C29E-66B2-48BF-A857-AE48EA6B7D8F} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {1F34AB51-CE98-47A7-877C-1B29CDD18700} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {31668625-3A7A-45E7-A7BA-C1026058F376} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {3A22B7FF-1B99-4514-8321-D43A37E96519} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {3A6F6DF5-4E35-403A-BECA-BC6E0C9BDD76} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {56C38484-B9B2-4885-9B5F-9941444D978D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5932B7C8-511A-423D-AE2F-F18A0AB8B9A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {669D5E91-3262-4137-9F3E-252715F470BD} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {6942C439-36F3-4583-8412-A8E251A42A9B} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {6D7FD032-5500-4D9A-A368-AA2BFACD9596} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6EB8BF52-A2BA-4DB0-B081-D9C9B9326B50} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {766C73B2-1DE3-4225-B90E-D542DE32E65B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {867CA1B7-DA2F-4768-91CA-F00FBDA3E236} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {877D3ECE-0AA1-42C1-AF84-718918A9C48D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {8F9B7BCE-D3CC-49D7-821F-B16DE1C7559C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {92885FB8-27FF-462B-999C-0828B3E45908} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9D38D3B7-644F-4BA2-868D-29D075A0C5D2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9E99D3D5-8E36-4114-8938-1A5A0485B209} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {AA895FD5-C8F9-4362-AC0D-449BA761B816} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BF1F4793-5373-4E06-A940-14B107BB9CF3} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D2B0DF18-BE05-44AB-9C45-605F2558C9C7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {E1E6F237-4DF5-4C71-A459-10593DAB5DA8} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E2E416E3-859E-4C0F-954C-FB7AD7E18765} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {E5608EAE-71C4-418E-B7FA-9C390724A001} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {EBDF3323-C3EF-4439-8F4C-DE6FDB95C413} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {EF606058-2E61-4474-812D-8A0DFA6EA591} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {F20E10B1-AC6F-46E8-85E8-36468F325251} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {F592ECC1-0AED-4D38-8652-83B102B96AD1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-16] (Microsoft Corporation)
Task: {F85830A2-C04B-4705-80AD-F4A7B134C46F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {F8E8E42C-7D79-47FF-9E31-0EABE3972145} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-04 06:19 - 2014-12-04 06:19 - 00029184 _____ () C:\WINDOWS\System32\sst9clm.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-31 02:23 - 2013-05-31 02:23 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-31 02:19 - 2013-05-31 02:19 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-31 02:53 - 2013-05-31 02:53 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-05-31 02:59 - 2013-05-31 02:59 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-05-31 02:09 - 2013-05-31 02:09 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2013-11-19 11:21 - 2013-11-19 11:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2012-09-25 17:14 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-03 12:57 - 1999-03-02 09:12 - 00372736 _____ () C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\KSDB32.DLL
2014-04-03 12:57 - 2008-07-10 10:06 - 00430080 _____ () C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmricapi.dll
2014-04-03 12:57 - 2004-12-02 19:07 - 00384000 _____ () C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmritapi.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-09-25 17:42 - 2012-06-25 15:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2012-09-25 17:54 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-11-19 11:21 - 2013-11-19 11:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Katja\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Katja\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\leverage full cast.jpg
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Katja\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\leverage full cast.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2015 11:15:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2670

Startzeit: 01d07c2caf3c8aa2

Endzeit: 140

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID: 7922858b-e86b-11e4-be91-083e8eb7797a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/20/2015 10:36:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Name des fehlerhaften Moduls: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000c6939
ID des fehlerhaften Prozesses: 0x1474
Startzeit der fehlerhaften Anwendung: 0xOcpHelper.exe0
Pfad der fehlerhaften Anwendung: OcpHelper.exe1
Pfad des fehlerhaften Moduls: OcpHelper.exe2
Berichtskennung: OcpHelper.exe3
Vollständiger Name des fehlerhaften Pakets: OcpHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OcpHelper.exe5

Error: (04/18/2015 00:54:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Name des fehlerhaften Moduls: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000c6939
ID des fehlerhaften Prozesses: 0x11ec
Startzeit der fehlerhaften Anwendung: 0xOcpHelper.exe0
Pfad der fehlerhaften Anwendung: OcpHelper.exe1
Pfad des fehlerhaften Moduls: OcpHelper.exe2
Berichtskennung: OcpHelper.exe3
Vollständiger Name des fehlerhaften Pakets: OcpHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OcpHelper.exe5

Error: (04/18/2015 00:39:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Name des fehlerhaften Moduls: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000c6939
ID des fehlerhaften Prozesses: 0x1bd8
Startzeit der fehlerhaften Anwendung: 0xOcpHelper.exe0
Pfad der fehlerhaften Anwendung: OcpHelper.exe1
Pfad des fehlerhaften Moduls: OcpHelper.exe2
Berichtskennung: OcpHelper.exe3
Vollständiger Name des fehlerhaften Pakets: OcpHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OcpHelper.exe5

Error: (04/18/2015 00:37:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VCAgent.exe, Version: 8.4.2.12030, Zeitstempel: 0x5476d099
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ff9dc64b0f1
ID des fehlerhaften Prozesses: 0x1d94
Startzeit der fehlerhaften Anwendung: 0xVCAgent.exe0
Pfad der fehlerhaften Anwendung: VCAgent.exe1
Pfad des fehlerhaften Moduls: VCAgent.exe2
Berichtskennung: VCAgent.exe3
Vollständiger Name des fehlerhaften Pakets: VCAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VCAgent.exe5

Error: (04/18/2015 00:37:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (04/18/2015 11:06:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x820
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (04/18/2015 10:21:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ISBMgr.exe, Version: 5.0.0.8170, Zeitstempel: 0x502e7367
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x12c4
Startzeit der fehlerhaften Anwendung: 0xISBMgr.exe0
Pfad der fehlerhaften Anwendung: ISBMgr.exe1
Pfad des fehlerhaften Moduls: ISBMgr.exe2
Berichtskennung: ISBMgr.exe3
Vollständiger Name des fehlerhaften Pakets: ISBMgr.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ISBMgr.exe5

Error: (04/18/2015 10:21:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Name des fehlerhaften Moduls: OcpHelper.exe, Version: 3.2.226.0, Zeitstempel: 0x52e6a3c7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00000000000c6939
ID des fehlerhaften Prozesses: 0x12ec
Startzeit der fehlerhaften Anwendung: 0xOcpHelper.exe0
Pfad der fehlerhaften Anwendung: OcpHelper.exe1
Pfad des fehlerhaften Moduls: OcpHelper.exe2
Berichtskennung: OcpHelper.exe3
Vollständiger Name des fehlerhaften Pakets: OcpHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OcpHelper.exe5

Error: (04/17/2015 11:17:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SOPHIE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (04/24/2015 01:45:57 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (04/24/2015 00:47:21 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (04/21/2015 02:12:53 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (04/20/2015 10:35:46 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (04/20/2015 10:35:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst mcpltsvc erreicht.

Error: (04/18/2015 00:51:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VAIO Event Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (04/18/2015 00:51:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/18/2015 00:51:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/18/2015 00:51:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PMBDeviceInfoProvider" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/18/2015 00:51:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/21/2015 11:15:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416267001d07c2caf3c8aa2140C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE7922858b-e86b-11e4-be91-083e8eb7797a

Error: (04/20/2015 10:36:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OcpHelper.exe3.2.226.052e6a3c7OcpHelper.exe3.2.226.052e6a3c74000001500000000000c6939147401d07ba9980c976fC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exedb7d06a1-e79c-11e4-be91-083e8eb7797a

Error: (04/18/2015 00:54:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OcpHelper.exe3.2.226.052e6a3c7OcpHelper.exe3.2.226.052e6a3c74000001500000000000c693911ec01d079c5fe9fe77dC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exe3e3ec575-e5b9-11e4-be91-083e8eb7797a

Error: (04/18/2015 00:39:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OcpHelper.exe3.2.226.052e6a3c7OcpHelper.exe3.2.226.052e6a3c74000001500000000000c69391bd801d079c3f1a9bcdfC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exe34250e4f-e5b7-11e4-be90-083e8eb7797a

Error: (04/18/2015 00:37:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ff9dc64b0f11d9401d079b14d0adb34C:\Program Files\Sony\VAIO Care\VCAgent.exeunknownd7ddf3c1-e5b6-11e4-be8f-083e8eb7797a

Error: (04/18/2015 00:37:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: VCAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
Stapel:
   bei VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)
   bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   bei System.Windows.Application.RunInternal(System.Windows.Window)
   bei System.Windows.Application.Run()
   bei VCAgent.App.Main()

Error: (04/18/2015 11:06:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9unknown0.0.0.000000000c00004090000000082001d079b6efa01335C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown3d748027-e5aa-11e4-be8f-083e8eb7797a

Error: (04/18/2015 10:21:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ISBMgr.exe5.0.0.8170502e7367unknown0.0.0.000000000000000000000000012c401d079b09b8eaa36C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exeunknowndd413b46-e5a3-11e4-be8f-083e8eb7797a

Error: (04/18/2015 10:21:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: OcpHelper.exe3.2.226.052e6a3c7OcpHelper.exe3.2.226.052e6a3c74000001500000000000c693912ec01d079b09db57089C:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exeC:\Program Files\McAfeeEx\MOCP\core\OcpHelper.exedc874173-e5a3-11e4-be8f-083e8eb7797a

Error: (04/17/2015 11:17:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SOPHIE)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174


CodeIntegrity Errors:
===================================
  Date: 2015-04-13 05:08:54.179
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-04-10 04:28:48.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-03-11 06:44:54.544
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 8069.28 MB
Available physical RAM: 4239.15 MB
Total Pagefile: 9541.28 MB
Available Pagefile: 4045.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (John McRory) (Fixed) (Total:267.65 GB) (Free:207.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 3693E23B)

Partition: GPT Partition Type.

==================== End Of Log ============================

deeprybka · 24.04.2015, 16:04

Hi,
FRST.txt fehlt noch...

MissMorgan · 06.05.2015, 20:49

Komisch, wenn ich den IE benutze geht hier alles klar, im Chrome öffnen sich immer weiter Fenster wenn ich hier im Trojaner-Board auf etwas klicke.

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Katja (administrator) on SOPHIE on 06-05-2015 21:42:06
Running from C:\Users\Katja\Downloads
Loaded Profiles: Katja &  (Available profiles: Katja)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(telegate MEDIA AG) C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmon.exe
(telegate MEDIA AG) C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kstart32.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Config.Msi\529ad04a.rbf
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\networkclient.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcupdmgr.exe
(McAfee, Inc.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcinfo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Dropbox, Inc.) C:\Users\Katja\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcchhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] (Atheros Communications)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\...\Run: [GoogleChromeAutoLaunch_F9A37A179D42A9D4DAEF4203F1E45541] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_F9A37A179D42A9D4DAEF4203F1E45541] => "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk [2015-04-13]
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2015-04-13]
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk [2012-09-25]
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-04-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2014-06-22]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-06]
ShortcutTarget: Dropbox.lnk -> C:\Users\Katja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Inversmonitor.lnk [2014-04-03]
ShortcutTarget: Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Inversmonitor.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kmon.exe (telegate MEDIA AG)
Startup: C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Schnellstarter.lnk [2014-04-03]
ShortcutTarget: Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014 - Schnellstarter.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch + Rückwärtssuche Frühjahr 2014\kstart32.exe (telegate MEDIA AG)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Katja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-05-05] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:64594;https=127.0.0.1:64594
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu/
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu/
HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1175517667-2539168784-3350642445-1001 -> DefaultScope {65F4CD48-097B-4D99-8D7C-EBB500536552} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE128D20150413&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1175517667-2539168784-3350642445-1001 -> {65F4CD48-097B-4D99-8D7C-EBB500536552} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE128D20150413&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {65F4CD48-097B-4D99-8D7C-EBB500536552} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE128D20150413&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {65F4CD48-097B-4D99-8D7C-EBB500536552} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE128D20150413&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-05-31] (Qualcomm Atheros Commnucations)
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-04-13] (McAfee)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-04] (Oracle Corporation)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-04-13] (McAfee)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-04] (Oracle Corporation)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-04-13] (McAfee)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-04-13] (McAfee)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-01-28] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2014-04-25] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: GMX Suche
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=A111DE128&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-04] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\englische-ergebnisse.xml [2014-06-22]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\gmx-suche.xml [2014-06-22]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\lastminute.xml [2014-06-22]
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\searchplugins\webde-suche.xml [2014-06-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-04-14]
FF Extension: firefoxbookmarkcheckereverhelperme - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\firefoxbookmarkchecker@everhelper.me [2015-04-05]
FF Extension: jid1CGxMej0nDJTjwQjetpack - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\jid1-CGxMej0nDJTjwQ@jetpack [2015-04-05]
FF Extension: GMX MailCheck - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\toolbar@gmx.net [2015-02-28]
FF Extension: McAfee SafeKey - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\euwnwfvp.default\Extensions\{072844D3-7DEE-45F6-A406-E87F76302E4B} [2015-04-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-04-13]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-04-13]
FF HKU\S-1-5-21-1175517667-2539168784-3350642445-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-1175517667-2539168784-3350642445-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome: 
=======
CHR Profile: C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (McAfee SafeKey) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbnjankikoaabjkmfbaceggjliabkbn [2015-04-14]
CHR Extension: (Google Docs) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (djaoeafihpfaakkpdobmhedohgnmhpbp) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\djaoeafihpfaakkpdobmhedohgnmhpbp [2015-04-05]
CHR Extension: (SiteAdvisor) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-04-14]
CHR Extension: (Bookmark Manager) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (nbglmejghppifhhbdhbaijiagbaedeec) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbglmejghppifhhbdhbaijiagbaedeec [2015-04-05]
CHR Extension: (Google Wallet) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-13]
CHR HKLM-x32\...\Chrome\Extension: [agbnjankikoaabjkmfbaceggjliabkbn] - C:\Program Files (x86)\SafeKey\lpchrome.crx [2015-04-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0102161429648665mcinstcleanup; C:\WINDOWS\TEMP\010216~1.EXE [883024 2015-04-06] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189912 2015-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [506928 2013-02-05] (Samsung Electronics Co., Ltd.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-06] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2015-04-13] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2015-02-28] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 21:42 - 2015-05-06 21:42 - 00001162 _____ () C:\Users\Katja\Desktop\FRST64.lnk
2015-05-06 21:41 - 2015-05-06 21:41 - 00000000 ____D () C:\Users\Katja\Downloads\FRST-OlderVersion
2015-05-06 19:49 - 2015-05-06 20:55 - 00000000 ____D () C:\Users\Katja\Documents\Hundetrainer §11 Normen
2015-05-06 19:40 - 2015-05-06 19:41 - 00000000 ___RD () C:\Users\Katja\Dropbox
2015-05-06 19:40 - 2015-05-06 19:40 - 00001185 _____ () C:\Users\Katja\Desktop\Dropbox.lnk
2015-05-06 19:38 - 2015-05-06 19:38 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-06 19:36 - 2015-05-06 19:41 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Dropbox
2015-05-04 13:55 - 2015-05-04 13:55 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-05-04 13:55 - 2015-05-04 13:55 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-04 13:54 - 2015-05-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-04 13:50 - 2015-05-04 13:49 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-05-04 13:49 - 2015-05-04 13:49 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-04 13:49 - 2015-05-04 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-24 13:58 - 2015-04-24 13:58 - 00002470 _____ () C:\Users\Katja\Desktop\mbam-log-2015-04-24 (13-22-02).xml
2015-04-18 13:32 - 2015-04-18 13:32 - 00002470 _____ () C:\Users\Katja\Desktop\mbam-log-2015-04-18 (12-59-18).xml
2015-04-16 00:22 - 2015-05-06 21:40 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 23:43 - 2015-05-06 21:39 - 00001089 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-15 23:43 - 2015-05-06 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-15 23:43 - 2015-05-06 21:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-15 23:43 - 2015-04-15 23:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-15 23:43 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-15 23:43 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-15 23:43 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-15 23:40 - 2015-04-15 23:40 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Katja\Downloads\mbam-setup-2.1.4.1018 (1).exe
2015-04-15 23:24 - 2015-04-15 23:24 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Katja\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-15 22:57 - 2015-04-15 22:59 - 00041997 _____ () C:\Users\Katja\Downloads\Addition.txt
2015-04-15 22:55 - 2015-05-06 21:43 - 00036473 _____ () C:\Users\Katja\Downloads\FRST.txt
2015-04-15 22:54 - 2015-05-06 21:42 - 00000000 ____D () C:\FRST
2015-04-15 22:51 - 2015-05-06 21:41 - 02102272 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2015-04-15 21:41 - 2015-04-15 21:41 - 00004976 _____ () C:\Users\Katja\Desktop\Websitenproblem.odt
2015-04-15 21:16 - 2015-04-15 21:16 - 00001066 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-04-15 21:16 - 2015-04-15 21:16 - 00001046 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-04-15 21:16 - 2015-04-15 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-04-15 20:53 - 2015-04-15 20:53 - 04625104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Katja\Downloads\avira_de_av_552eb36c98e81__wsm.exe
2015-04-15 20:53 - 2015-04-15 20:53 - 00001198 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\ProgramData\Avira
2015-04-15 20:53 - 2015-04-15 20:53 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-15 20:11 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 20:11 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 20:11 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 20:11 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 20:11 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 20:11 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 20:11 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 20:11 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 20:11 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 20:11 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 20:11 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 20:11 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 20:10 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 20:10 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 20:10 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 20:10 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 20:10 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 20:10 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 20:10 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 20:10 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 20:10 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 20:10 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 20:10 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 20:10 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 20:10 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 20:10 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 20:10 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 20:10 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 20:10 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 20:10 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 20:10 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 20:10 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 20:10 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 20:10 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 20:10 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 20:10 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 20:10 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 20:10 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 20:09 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 20:09 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 20:09 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 20:09 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-14 08:43 - 2015-04-18 12:50 - 00000000 ____D () C:\AdwCleaner
2015-04-14 08:41 - 2015-04-14 08:41 - 02217984 _____ () C:\Users\Katja\Downloads\adwcleaner_4.201.exe
2015-04-14 08:26 - 2015-04-14 08:27 - 00560552 _____ (Oracle Corporation) C:\Users\Katja\Downloads\jre-8u40-windows-i586-iftw.exe
2015-04-14 07:31 - 2015-04-14 07:31 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-13 13:26 - 2015-04-13 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-13 13:26 - 2015-04-13 13:26 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2015-04-13 13:25 - 2015-04-13 13:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-13 13:24 - 2015-04-13 13:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-13 13:23 - 2015-04-13 13:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-13 13:23 - 2015-04-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-13 13:19 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-13 13:19 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-13 13:19 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-04-13 13:19 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-04-13 13:18 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-13 13:18 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-04-13 13:18 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-04-13 13:18 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-04-13 13:18 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-04-13 13:18 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-04-13 13:18 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-04-13 13:18 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-04-13 13:18 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-04-13 13:18 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-04-13 13:18 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-04-13 13:18 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-04-13 13:18 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-04-13 13:18 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-04-13 13:18 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-04-13 13:18 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-04-13 13:18 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-04-13 13:18 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-04-13 13:18 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-04-13 13:18 - 2014-11-08 06:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-13 13:18 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-04-13 13:18 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-04-13 13:18 - 2014-11-08 05:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-13 13:18 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-04-13 13:18 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-04-13 13:18 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-04-13 13:18 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-04-13 13:18 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-04-13 13:18 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-04-13 13:18 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-04-13 13:18 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-04-13 13:18 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-04-13 13:18 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-04-13 13:18 - 2014-11-08 04:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-13 13:18 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-04-13 13:18 - 2014-11-08 03:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-13 13:18 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-04-13 13:18 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-04-13 13:18 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-04-13 13:18 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-04-13 13:18 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-04-13 13:18 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-04-13 13:18 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-04-13 13:18 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-04-13 13:18 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-04-13 13:18 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-04-13 13:18 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-04-13 13:18 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-04-13 13:18 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-04-13 13:18 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-04-13 13:18 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-04-13 13:18 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-04-13 13:18 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-04-13 13:18 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-04-13 13:18 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-04-13 13:18 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-04-13 13:18 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-04-13 13:18 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-04-13 13:18 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-04-13 13:18 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-04-13 13:18 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-04-13 13:18 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-04-13 13:18 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-04-13 13:18 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-04-13 13:18 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-04-13 13:18 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-04-13 13:18 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-04-13 13:18 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-04-13 13:18 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-04-13 13:18 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-04-13 13:18 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-04-13 13:18 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-04-13 13:18 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-04-13 13:18 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-04-13 13:18 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-04-13 13:18 - 2014-10-17 06:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-04-13 13:18 - 2014-10-17 06:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-04-13 13:18 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-04-13 13:18 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-04-13 13:16 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-13 13:16 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-13 13:16 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-13 13:16 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-13 13:16 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-13 13:16 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-13 13:16 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-13 13:16 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-13 13:16 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-13 13:16 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-13 13:16 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-13 13:16 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-13 13:16 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-13 13:16 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-13 13:16 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-13 13:16 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-13 13:16 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-13 13:16 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-13 13:16 - 2014-10-18 08:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-13 13:15 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-13 13:15 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-13 13:15 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-04-13 13:07 - 2015-05-04 13:59 - 00001871 _____ () C:\Users\Public\Desktop\McAfee All Access – Total Protection.lnk
2015-04-13 13:05 - 2015-05-04 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-04-13 13:05 - 2015-04-20 22:36 - 00000000 __RSD () C:\Users\Katja\Documents\McAfee-Tresore
2015-04-13 13:05 - 2015-04-13 13:11 - 00000000 ____D () C:\Program Files (x86)\SafeKey
2015-04-13 13:05 - 2015-04-13 13:05 - 00000000 ____D () C:\Users\Katja\AppData\Local\McAfee File Lock
2015-04-13 13:05 - 2015-04-13 13:05 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2015-04-13 13:05 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-04-13 13:05 - 2013-09-09 11:11 - 00074560 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\McPvDrv.sys
2015-04-13 13:04 - 2015-04-13 13:06 - 00000000 ____D () C:\Program Files\McAfee
2015-04-13 13:04 - 2015-04-13 13:04 - 00000000 ____D () C:\Program Files\McAfee.com
2015-04-13 13:03 - 2015-04-15 06:56 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-13 12:52 - 2015-04-13 12:52 - 00000000 ____D () C:\Quarantine
2015-04-13 12:51 - 2015-04-13 13:06 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-04-13 12:51 - 2015-04-13 12:55 - 00000000 ____D () C:\Program Files\stinger
2015-04-13 12:51 - 2015-04-13 12:52 - 00189912 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2015-04-13 12:50 - 2015-04-13 12:51 - 05159072 _____ (McAfee, Inc.) C:\Users\Katja\Downloads\Setup_serial_tWKooDA_bHetTQxNBnePKQ2_key(1).exe
2015-04-13 12:50 - 2015-04-13 12:50 - 05159072 _____ (McAfee, Inc.) C:\Users\Katja\Downloads\Setup_serial_tWKooDA_bHetTQxNBnePKQ2_key.exe
2015-04-13 12:22 - 2015-04-13 12:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-04-13 12:22 - 2015-04-13 12:22 - 00000000 ____D () C:\Program Files\DIFX
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Gast\AppData\Local\Packages
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Gast
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-04-13 12:21 - 2015-04-13 12:21 - 00000000 ____D () C:\Users\Administrator
2015-04-12 20:45 - 2015-04-12 20:45 - 00000000 ____D () C:\ProgramData\Doctor Web
2015-04-12 20:38 - 2015-04-12 21:08 - 00000000 ____D () C:\Users\Katja\Doctor Web
2015-04-12 20:36 - 2015-04-12 20:37 - 165319680 _____ () C:\Users\Katja\Downloads\DRWeb.exe
2015-04-09 19:56 - 2015-04-09 20:02 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-09 19:56 - 2015-04-09 19:56 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-08 22:47 - 2015-04-12 19:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-08 20:12 - 2015-04-08 20:12 - 00243241 _____ () C:\Users\Katja\Desktop\Map.html
2015-04-08 20:12 - 2015-04-08 20:12 - 00000000 ____D () C:\Users\Katja\Desktop\Map_files

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 21:42 - 2012-09-25 17:43 - 00000000 ____D () C:\ProgramData\MOCP
2015-05-06 21:34 - 2015-03-25 20:23 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 21:30 - 2015-03-10 07:01 - 01623606 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-06 21:01 - 2013-02-19 14:23 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-06 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-06 19:44 - 2013-02-07 00:53 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1175517667-2539168784-3350642445-1001
2015-05-06 19:40 - 2015-03-10 06:37 - 00000000 ____D () C:\Users\Katja
2015-05-06 19:34 - 2015-03-25 20:23 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-04 15:27 - 2013-02-19 14:03 - 00000000 ____D () C:\Users\Katja\AppData\Local\Adobe
2015-05-04 15:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-04 13:54 - 2012-09-25 17:40 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-04 13:49 - 2012-09-25 17:19 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-21 19:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-21 05:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-20 22:35 - 2015-03-10 13:15 - 00000000 ____D () C:\Users\Katja\OneDrive
2015-04-18 12:51 - 2014-11-20 20:24 - 00200182 _____ () C:\WINDOWS\PFRO.log
2015-04-18 12:51 - 2013-08-22 16:46 - 00287045 _____ () C:\WINDOWS\setupact.log
2015-04-18 12:51 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-18 12:51 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-18 12:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-04-16 01:30 - 2014-04-03 12:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-16 01:30 - 2013-02-07 00:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 01:19 - 2013-02-07 13:43 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-16 01:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-16 01:16 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 01:15 - 2012-07-26 07:26 - 00000199 _____ () C:\WINDOWS\win.ini
2015-04-15 21:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-15 21:16 - 2013-02-20 00:44 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-04-15 20:08 - 2013-02-19 14:23 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-15 06:56 - 2012-09-25 17:21 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-14 08:01 - 2012-09-25 18:05 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-04-14 08:01 - 2012-09-25 18:03 - 00000000 ____D () C:\ProgramData\WildTangent
2015-04-14 07:44 - 2014-11-21 05:35 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-14 07:44 - 2014-11-21 04:45 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-14 07:44 - 2014-11-21 04:45 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-14 07:41 - 2013-02-07 01:14 - 00000000 ____D () C:\Update
2015-04-14 07:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-04-14 07:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-04-14 07:31 - 2014-11-21 12:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-14 01:24 - 2014-11-21 13:01 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-21 13:01 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 13:26 - 2015-02-28 23:11 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2015-04-13 13:26 - 2013-08-22 16:46 - 00000262 _____ () C:\WINDOWS\setuperr.log
2015-04-13 13:24 - 2014-06-22 21:03 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-13 13:23 - 2013-02-07 01:10 - 00000000 ____D () C:\ProgramData\Skype
2015-04-13 13:05 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-04-13 12:52 - 2014-06-20 10:26 - 00786296 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\mfehidk.sys
2015-04-13 12:23 - 2012-09-25 17:31 - 00001587 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
2015-04-13 12:23 - 2012-09-25 17:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-13 12:22 - 2012-09-25 17:07 - 00039416 _____ () C:\WINDOWS\DPINST.LOG
2015-04-13 12:22 - 2012-09-25 17:07 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-04-13 12:21 - 2012-09-25 17:23 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-13 12:20 - 2012-09-25 17:54 - 00000000 ____D () C:\Program Files\Sony
2015-04-13 12:15 - 2015-02-28 23:06 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\iolo
2015-04-13 12:14 - 2013-02-07 00:48 - 00000000 ____D () C:\Users\Katja\AppData\Local\Sony Corporation
2015-04-12 21:10 - 2013-02-19 13:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-12 19:50 - 2015-03-25 21:24 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-09 20:01 - 2013-08-22 16:44 - 00481504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-09 19:59 - 2015-03-01 00:16 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-04-09 19:57 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-09 19:56 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

==================== Files in the root of some directories =======

2015-04-13 13:06 - 2015-04-13 13:06 - 27093992 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe

Some content of TEMP:
====================
C:\Users\Katja\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpekgndg.dll
C:\Users\Katja\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Katja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 15:02

==================== End Of Log ============================

--- --- ---

15.04.2015, 22:23	#6
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Windows 8.1, Vaio Notebook, Werbewebsiten und Bilder öffnen sich, Links im Text Das ist nicht das Adwcleaner-Log... __________________ --> Windows 8.1, Vaio Notebook, Werbewebsiten und Bilder öffnen sich, Links im Text

15.04.2015, 22:43	#8
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Windows 8.1, Vaio Notebook, Werbewebsiten und Bilder öffnen sich, Links im Text Funde löschen lassen und weiter mit dem nächsten Schritt. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

24.04.2015, 16:04	#14
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Windows 8.1, Vaio Notebook, Werbewebsiten und Bilder öffnen sich, Links im Text Hi, FRST.txt fehlt noch... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Windows 8.1, Vaio Notebook, Werbewebsiten und Bilder öffnen sich, Links im Text

Plagegeister aller Art und deren Bekämpfung: Windows 8.1, Vaio Notebook, Werbewebsiten und Bilder öffnen sich, Links im Text