Trojaner-Board - HILFE!!! Vor zwei Tagen einen GFU Trojaner auf Windows 8 sony vaio eingefangen. nichts geht mehr!!!

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-07-2013

Ran by SYSTEM on 23-07-2013 18:46:41

Running from D:\

Windows 8 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Recovery
 

The current controlset is ControlSet001
 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)

HKLM\...\Policies\Explorer\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Atheros Communications))

HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1532992 2013-03-13] (McAfee, Inc.)

HKLM-x32\...\Run: [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [68776 2012-08-18] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)

HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2012-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Intel AppUp(R) center] - "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [156000 2012-10-04] (Intel Corporation)

HKLM-x32\...\Run: [mcpltui_exe] - "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui [299648 2012-07-24] (McAfee, Inc.)

HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Java\jre7\bin\jusched.exe" [x]

HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe [x]

HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2844608 2012-10-15] (Eastman Kodak Company)

HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)

HKU\Joana\...\Run: [SkyDrive] - "C:\Users\Joana\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [257136 2013-07-05] (Microsoft Corporation)

HKU\Joana\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)

HKU\Joana\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Joana\AppData\Local\Temp\xmhevgoyfjuaxokvp.exe [60928 2013-07-20] (Cisco Systems, Inc.) <===== ATTENTION

HKU\Joana\...\Winlogon: [Shell] cmd.exe [404992 2012-07-26] (Microsoft Corporation) <==== ATTENTION 

HKU\Joana\...\Command Processor: "C:\Users\Joana\AppData\Local\Temp\xmhevgoyfjuaxokvp.exe" <===== ATTENTION!

Startup: C:\Users\Joana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk

ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Joana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk

ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

BootExecute: autocheck autochk * 
 

==================== Services (Whitelisted) =================
 

S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)

S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)

S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)

S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [384048 2013-02-25] (McAfee, Inc.)

S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)

S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)

S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)

S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)

S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)

S2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2769552 2013-05-09] (McAfee, Inc.)

S2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)

S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-17] (Sony Corporation)

S2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1872568 2013-04-19] (Microsoft Corporation)

S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)

S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()

S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros)
 

==================== Drivers (Whitelisted) ====================
 

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)

S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)

S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)

S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)

S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)

S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)

S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)

S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)

S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)

S3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-07-23 18:42 - 2013-07-23 18:42 - 00000000 ____D C:\FRST

2013-07-21 21:06 - 2013-07-21 21:07 - 00458032 _____ C:\Windows\System32\FNTCACHE.DAT

2013-07-21 20:15 - 2013-06-01 12:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys

2013-07-21 20:15 - 2013-06-01 12:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys

2013-07-21 20:15 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2013-07-21 20:15 - 2013-06-01 12:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2013-07-21 20:15 - 2013-06-01 12:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS

2013-07-21 20:15 - 2013-06-01 12:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS

2013-07-21 20:15 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-07-21 20:15 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys

2013-07-21 20:15 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2013-07-21 20:15 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-07-21 20:15 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll

2013-07-21 20:15 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll

2013-07-21 20:15 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll

2013-07-21 20:15 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll

2013-07-21 20:15 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll

2013-07-21 20:15 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\System32\vds.exe

2013-07-21 20:15 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2013-07-21 20:15 - 2013-06-01 10:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll

2013-07-21 20:15 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\vdsutil.dll

2013-07-21 20:15 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\System32\MbaeParserTask.exe

2013-07-21 20:15 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll

2013-07-21 20:15 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll

2013-07-21 20:15 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll

2013-07-21 20:15 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll

2013-07-21 20:15 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll

2013-07-21 20:15 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\System32\mscms.dll

2013-07-21 20:15 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll

2013-07-21 20:15 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSetupManager.dll

2013-07-21 20:15 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys

2013-07-21 20:15 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi

2013-07-21 20:15 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe

2013-07-21 20:15 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi

2013-07-21 20:15 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe

2013-07-21 20:15 - 2013-05-20 01:08 - 00386642 _____ C:\Windows\System32\ApnDatabase.xml

2013-07-21 20:05 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys

2013-07-21 19:48 - 2013-07-21 19:48 - 00003584 ____N C:\bootsqm.dat

2013-07-20 04:35 - 2013-07-20 04:35 - 01084739 _____ C:\ProgramData\2433f433

2013-07-20 04:35 - 2013-07-20 04:35 - 01084722 _____ C:\Users\Joana\AppData\Local\2433f433

2013-07-20 04:35 - 2013-07-20 04:35 - 01084716 _____ C:\Users\Joana\AppData\Roaming\2433f433

2013-07-19 14:26 - 2013-05-04 05:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll

2013-07-19 14:26 - 2013-05-04 05:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll

2013-07-19 14:25 - 2013-05-04 08:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS

2013-07-19 14:25 - 2013-05-04 08:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys

2013-07-19 14:25 - 2013-05-04 08:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe

2013-07-19 14:25 - 2013-05-04 07:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll

2013-07-19 14:25 - 2013-05-04 07:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll

2013-07-19 14:25 - 2013-05-04 07:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll

2013-07-19 14:25 - 2013-05-04 07:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll

2013-07-19 14:25 - 2013-05-04 07:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll

2013-07-19 14:25 - 2013-05-04 07:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll

2013-07-19 14:25 - 2013-05-04 07:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe

2013-07-19 14:25 - 2013-05-04 05:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe

2013-07-19 14:25 - 2013-05-04 05:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2013-07-19 14:25 - 2013-05-04 05:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2013-07-19 14:25 - 2013-05-04 05:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2013-07-19 14:25 - 2013-05-04 05:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2013-07-19 14:25 - 2013-05-04 05:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll

2013-07-19 14:25 - 2013-05-04 05:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll

2013-07-19 14:25 - 2013-05-04 05:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll

2013-07-19 14:25 - 2013-05-04 05:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll

2013-07-19 14:25 - 2013-05-04 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll

2013-07-19 14:25 - 2013-05-04 05:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll

2013-07-19 14:25 - 2013-05-04 05:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-07-19 14:25 - 2013-05-04 05:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll

2013-07-19 14:25 - 2013-05-04 05:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll

2013-07-19 14:25 - 2013-05-04 05:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll

2013-07-19 14:25 - 2013-05-04 05:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll

2013-07-19 14:25 - 2013-05-04 05:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl

2013-07-19 14:25 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs

2013-07-19 14:24 - 2013-05-04 08:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\System32\AuthHost.exe

2013-07-19 14:24 - 2013-05-04 07:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll

2013-07-19 14:24 - 2013-05-04 07:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\System32\VSSVC.exe

2013-07-19 14:24 - 2013-05-04 07:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\System32\Magnify.exe

2013-07-19 14:24 - 2013-05-04 07:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\System32\stobject.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\System32\storewuauth.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\System32\netplwiz.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\System32\netprofm.dll

2013-07-19 14:24 - 2013-05-04 07:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\System32\psmsrv.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\System32\biwinrt.dll

2013-07-19 14:24 - 2013-05-04 07:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll

2013-07-19 14:24 - 2013-05-04 07:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\System32\intl.cpl

2013-07-19 14:24 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\Windows\System32\rars.rs

2013-07-19 14:24 - 2013-05-04 05:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys

2013-07-19 14:03 - 2013-05-31 00:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll

2013-07-19 14:03 - 2013-05-31 00:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2013-07-15 21:25 - 2013-05-15 23:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\tssdisai.dll

2013-07-14 21:48 - 2013-05-24 00:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll

2013-07-14 21:48 - 2013-05-23 23:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2013-07-12 11:29 - 2013-07-12 11:29 - 00000000 ____D C:\Users\Joana\AppData\Roaming\WildTangent

2013-07-11 13:01 - 2013-06-12 00:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-07-11 13:01 - 2013-06-12 00:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-07-11 13:01 - 2013-06-12 00:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-07-11 13:01 - 2013-06-12 00:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-07-11 13:01 - 2013-06-12 00:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-07-11 13:01 - 2013-06-12 00:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-07-11 13:01 - 2013-06-12 00:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-07-11 13:01 - 2013-06-12 00:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-07-11 13:01 - 2013-06-12 00:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-07-11 13:01 - 2013-06-12 00:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-07-11 13:01 - 2013-06-12 00:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-07-11 13:01 - 2013-06-12 00:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-07-11 13:01 - 2013-06-12 00:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-07-11 13:01 - 2013-06-12 00:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-07-11 13:01 - 2013-06-12 00:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-07-11 13:01 - 2013-06-12 00:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-07-11 13:01 - 2013-06-12 00:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-07-11 13:01 - 2013-06-01 10:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-07-11 13:01 - 2013-06-01 10:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll

2013-07-11 13:01 - 2013-05-31 00:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-07-11 13:01 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL

2013-07-11 13:01 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-07-11 13:01 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-07-11 13:01 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-07-10 11:26 - 2013-07-10 11:26 - 00007973 _____ C:\Users\Joana\AppData\Local\recently-used.xbel

2013-07-07 21:35 - 2013-07-07 21:45 - 00000000 ___RD C:\Users\Joana\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

2013-07-07 21:08 - 2013-07-07 21:08 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-07-07 21:07 - 2013-07-07 21:08 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-07-07 21:04 - 2013-07-07 21:04 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-07-07 21:03 - 2013-07-07 21:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-07-07 21:03 - 2013-07-07 21:04 - 00000000 ____D C:\Program Files\iTunes

2013-07-07 21:03 - 2013-07-07 21:04 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-07-07 21:03 - 2013-07-07 21:03 - 00000000 ____D C:\Program Files\iPod

2013-07-04 21:54 - 2013-07-07 21:53 - 00000000 ____D C:\Users\Joana\Desktop\Peter

2013-06-29 13:00 - 2013-07-21 22:34 - 00000324 _____ C:\Windows\Tasks\PrintProjects Communicator.job

2013-06-29 13:00 - 2013-06-29 14:32 - 00000000 ___RD C:\Users\Joana\Documents\RocketLifeNetwork

2013-06-29 13:00 - 2013-06-29 13:00 - 00003246 _____ C:\Windows\System32\Tasks\PrintProjects Communicator

2013-06-29 13:00 - 2013-06-29 13:00 - 00000000 ____D C:\Users\Joana\AppData\Roaming\Visan

2013-06-29 09:10 - 2013-05-15 03:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\System32\autochk.exe

2013-06-29 09:10 - 2013-05-15 03:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\System32\untfs.dll

2013-06-29 09:10 - 2013-05-15 03:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe

2013-06-29 09:10 - 2013-05-15 03:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll

2013-06-25 14:56 - 2013-07-10 11:14 - 00000000 ____D C:\Users\Joana\Desktop\Welpenhaus

2013-06-25 13:23 - 2013-06-25 13:23 - 00003288 _____ C:\Windows\System32\Tasks\{D472FBCE-DB03-4136-B9C1-3EC2FF2E0C9A}
 

==================== One Month Modified Files and Folders =======
 

2013-07-23 18:42 - 2013-07-23 18:42 - 00000000 ____D C:\FRST

2013-07-23 17:35 - 2013-04-18 12:50 - 00000000 ____D C:\ProgramData\Kodak

2013-07-23 17:35 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-07-23 17:08 - 2012-07-26 08:21 - 00026044 _____ C:\Windows\setupact.log

2013-07-23 04:56 - 2013-01-30 10:50 - 01911839 _____ C:\Windows\WindowsUpdate.log

2013-07-23 04:54 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\System32\sru

2013-07-22 18:21 - 2013-01-30 11:21 - 00000000 ____D C:\ProgramData\MOCP

2013-07-22 18:13 - 2012-07-26 08:28 - 01783300 _____ C:\Windows\System32\PerfStringBackup.INI

2013-07-21 22:34 - 2013-06-29 13:00 - 00000324 _____ C:\Windows\Tasks\PrintProjects Communicator.job

2013-07-21 22:34 - 2013-04-24 09:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-07-21 22:10 - 2013-01-30 10:23 - 00772388 _____ C:\Windows\System32\perfh007.dat

2013-07-21 22:10 - 2013-01-30 10:23 - 00161464 _____ C:\Windows\System32\perfc007.dat

2013-07-21 21:07 - 2013-07-21 21:06 - 00458032 _____ C:\Windows\System32\FNTCACHE.DAT

2013-07-21 21:01 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\System32\config\ELAM

2013-07-21 20:50 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData

2013-07-21 20:50 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore

2013-07-21 20:50 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2013-07-21 20:50 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2013-07-21 20:50 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\Dism

2013-07-21 20:49 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\Dism

2013-07-21 20:02 - 2012-07-26 06:26 - 00786432 ___SH C:\Windows\System32\config\BBI

2013-07-21 19:48 - 2013-07-21 19:48 - 00003584 ____N C:\bootsqm.dat

2013-07-20 06:06 - 2013-04-17 13:47 - 00005138 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JOANAVAIO-Joana JoanaVaio

2013-07-20 04:35 - 2013-07-20 04:35 - 01084739 _____ C:\ProgramData\2433f433

2013-07-20 04:35 - 2013-07-20 04:35 - 01084722 _____ C:\Users\Joana\AppData\Local\2433f433

2013-07-20 04:35 - 2013-07-20 04:35 - 01084716 _____ C:\Users\Joana\AppData\Roaming\2433f433

2013-07-20 04:26 - 2013-04-17 11:25 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2353595625-3027596916-252556977-1001

2013-07-20 04:17 - 2013-04-17 17:14 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9EEAADD3-4934-402D-B376-833899701029}

2013-07-20 04:16 - 2013-04-17 12:01 - 00000000 ___RD C:\Users\Joana\SkyDrive

2013-07-19 15:04 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent

2013-07-19 13:39 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\servicing

2013-07-16 13:23 - 2013-04-19 11:16 - 00000000 ____D C:\Users\Joana\AppData\Local\CrashDumps

2013-07-14 17:40 - 2013-01-30 10:53 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-07-14 17:39 - 2012-08-03 03:22 - 00014130 _____ C:\Windows\PFRO.log

2013-07-14 17:36 - 2012-07-26 08:52 - 00000000 ____D C:\Program Files\Windows Journal

2013-07-14 17:36 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\System32\oobe

2013-07-12 12:52 - 2013-04-18 10:55 - 00000000 ____D C:\Users\Joana\Desktop\Erstes Hundezentrum Schäfer

2013-07-12 11:29 - 2013-07-12 11:29 - 00000000 ____D C:\Users\Joana\AppData\Roaming\WildTangent

2013-07-11 15:12 - 2013-04-17 21:29 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-07-11 11:52 - 2013-04-17 11:14 - 00000000 ____D C:\Users\Joana\AppData\Local\Packages

2013-07-10 13:17 - 2013-04-18 12:39 - 00000000 ____D C:\Users\Joana\.gimp-2.8

2013-07-10 11:26 - 2013-07-10 11:26 - 00007973 _____ C:\Users\Joana\AppData\Local\recently-used.xbel

2013-07-10 11:14 - 2013-06-25 14:56 - 00000000 ____D C:\Users\Joana\Desktop\Welpenhaus

2013-07-07 21:53 - 2013-07-04 21:54 - 00000000 ____D C:\Users\Joana\Desktop\Peter

2013-07-07 21:45 - 2013-07-07 21:35 - 00000000 ___RD C:\Users\Joana\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

2013-07-07 21:08 - 2013-07-07 21:08 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-07-07 21:08 - 2013-07-07 21:07 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-07-07 21:04 - 2013-07-07 21:04 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-07-07 21:04 - 2013-07-07 21:03 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-07-07 21:04 - 2013-07-07 21:03 - 00000000 ____D C:\Program Files\iTunes

2013-07-07 21:04 - 2013-07-07 21:03 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-07-07 21:03 - 2013-07-07 21:03 - 00000000 ____D C:\Program Files\iPod

2013-06-29 14:32 - 2013-06-29 13:00 - 00000000 ___RD C:\Users\Joana\Documents\RocketLifeNetwork

2013-06-29 14:32 - 2013-04-18 13:02 - 00000000 ____D C:\ProgramData\PrintProjects

2013-06-29 13:45 - 2013-04-17 11:15 - 00000000 ____D C:\Users\Joana\AppData\Local\VirtualStore

2013-06-29 13:39 - 2013-04-18 10:56 - 00000000 ____D C:\Users\Joana\Desktop\Opa Schriftverkehr

2013-06-29 13:00 - 2013-06-29 13:00 - 00003246 _____ C:\Windows\System32\Tasks\PrintProjects Communicator

2013-06-29 13:00 - 2013-06-29 13:00 - 00000000 ____D C:\Users\Joana\AppData\Roaming\Visan

2013-06-29 13:00 - 2013-04-18 13:02 - 00000000 ____D C:\ProgramData\Visan

2013-06-27 23:04 - 2013-05-24 19:59 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-06-27 23:04 - 2013-05-24 19:59 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-06-25 14:17 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache

2013-06-25 13:23 - 2013-06-25 13:23 - 00003288 _____ C:\Windows\System32\Tasks\{D472FBCE-DB03-4136-B9C1-3EC2FF2E0C9A}
 

==================== Known DLLs (Whitelisted) ================
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe

[2013-07-21 20:15] - [2013-06-01 12:34] - 2391280 ____A (Microsoft Corporation) 0E8E6463F81C80AFBED533E0F1F8895D
 

C:\Windows\SysWOW64\explorer.exe

[2013-07-21 20:15] - [2013-06-01 11:24] - 2106176 ____A (Microsoft Corporation) EAFE46B0292D2BD2467835E2ACF717CC
 

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys

[2013-07-21 20:15] - [2013-06-01 12:26] - 0327936 ____A (Microsoft Corporation) 78A5BBA3819FFFC62FFEC3E2220D102D
 
 

==================== EXE ASSOCIATION =====================
 

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK
 

==================== Restore Points  =========================
 

Restore point made on: 2013-07-04 16:54:25

Restore point made on: 2013-07-11 15:06:15

Restore point made on: 2013-07-14 17:34:29

Restore point made on: 2013-07-19 14:20:13
 

==================== Memory info =========================== 
 

Percentage of memory in use: 17%

Total physical RAM: 3975.27 MB

Available physical RAM: 3277.4 MB

Total Pagefile: 3975.27 MB

Available Pagefile: 3299.37 MB

Total Virtual: 8192 MB

Available Virtual: 8191.86 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:436.21 GB) (Free:359.91 GB) NTFS

Drive d: (16GB HAMA) (Removable) (Total:15.04 GB) (Free:12.41 GB) FAT32 (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 8E230C4B)
 

Partition: GPT Partition Type

========================================================

Disk: 1 (Size: 15 GB) (Disk ID: B0BCD68E)

No partition Table on disk 1.
 
 

LastRegBack: 2013-07-23 05:27
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

hallo aharonov,

sorry, ich war so srfreut hilfe zu bekommen, dass ich glatt das danke sagen vergessen habe. also, vielen dank schon mal!!!:singsing:

das klappt ja bisher super. toll das es leute wie dich gibt!!!
hier der additionallog

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2013

Ran by Joana at 2013-07-23 22:40:36

Running from C:\Users\Joana\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Reader XI (11.0.03)  MUI (x32 Version: 11.0.03)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)

aioscnnr (x32 Version: 6.1.4.0)

aioscnnr (x32 Version: 7.6.11.10)

Aloha TriPeaks (x32 Version: 2.2.0.98)

Apple Application Support (x32 Version: 2.3.4)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (x32 Version: 2.1.3.127)

Bejeweled 3 (x32 Version: 2.2.0.98)

Bonjour (Version: 3.0.0.10)

Build-a-lot: On Vacation (x32 Version: 2.2.0.110)

C4USelfUpdater (x32 Version: 1.00.0000)

center (x32 Version: 6.2.5.0)

Chuzzle Deluxe (x32 Version: 2.2.0.95)

Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)

CyberLink Power2Go 8 (x32 Version: 8.0.0.2126)

CyberLink PowerDVD (x32 Version: 9.0.5728.52)

essentials (x32 Version: 6.0.14.0)

FATE (x32 Version: 2.2.0.97)

FDUx86 (x32 Version: 1.0.0)

Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32)

iCloud (Version: 2.1.2.8)

Intel AppUp(R) center (x32 Version: 3.8.0.41505.25)

Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)

Intel(R) Processor Graphics (x32 Version: 9.17.10.2849)

Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)

Intel® Trusted Connect Service Client (Version: 1.24.388.1)

iTunes (Version: 11.0.4.4)

Java 7 Update 9 (64-bit) (Version: 7.0.90)

Java 7 Update 9 (x32 Version: 7.0.90)

Java Auto Updater (x32 Version: 2.1.9.0)

Java(TM) 6 Update 16 (x32 Version: 6.0.160)

KODAK All-in-One Software (x32 Version: 7.6.12.20)

KUx86 (x32 Version: 1.0.0)

Luxor HD (x32 Version: 2.2.0.110)

Mahjongg Artifacts (x32 Version: 2.2.0.110)

McAfee Internet Security (x32 Version: 11.6.511)

McAfee Parental Controls (x32 Version: 2.1.412.3)

Microsoft Office 365 Home Premium - de-de (Version: 15.0.4505.1006)

Microsoft SkyDrive (HKCU Version: 17.0.2011.0627)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)

ocr (x32 Version: 6.2.3.50)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4505.1006)

Office 15 Click-to-Run Licensing Component (Version: 15.0.4505.1006)

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4505.1006)

OpenOffice.org 3.1 (x32 Version: 3.1.9420)

P 2.8.2 (Version: 2.8.2)

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)

PlayMemories Home (x32 Version: 6.3.02.07270)

Polar Bowler (x32 Version: 2.2.0.97)

PreReq (x32 Version: 6.2.4.0)

PrintProjects (x32 Version: 1.0.0.11502)

Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.218)

QuickTime (x32 Version: 7.74.80.86)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)

Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)

Remote Keyboard (x32 Version: 1.2.0.09270)

Restore (x32 Version: 1.0.0)

Shared C Run-time for x64 (Version: 10.0.0)

SSLx64 (Version: 1.0.0)

SSLx86 (x32 Version: 1.0.0)

Synaptics Pointing Device Driver (Version: 16.2.16.2)

Update Installer for WildTangent Games App (x32)

Vacation Quest™ - Australia (x32 Version: 3.0.2.32)

VAIO - Remote-Tastatur (x32 Version: 1.2.0.09270)

VAIO - Remote-Tastatur mit PlayStation®3 (x32 Version: 1.2.0.09210)

VAIO - Xperia Link (x32 Version: 1.1.0.11020)

VAIO Care (Version: 8.2.0.15030)

VAIO Control Center (x32 Version: 6.1.0.10300)

VAIO Data Restore Tool (x32 Version: 1.10.0.07270)

VAIO Easy Connect (x32 Version: 8.2.0.14170)

VAIO Gate (x32 Version: 3.0.1.02270)

VAIO Gate Default (x32 Version: 3.1.0.10240)

VAIO Gesture Control (x32 Version: 2.1.0.10220)

VAIO Gesture Control (x32 Version: 2.1.1.13080)

VAIO Image Optimizer (x32 Version: 3.0.00.08170)

VAIO Improvement (x32 Version: 2.1.0.10220)

VAIO Media Server Settings (Version: 1.0.1.10170)

VAIO Movie Creator (x32 Version: 4.0.00.10170)

VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)

VAIO Update (x32 Version: 6.2.1.03260)

VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)

VAIO-Handbuch (x32 Version: 3.0.0.08100)

VAIO-Hardwarediagnose-Plugin für VAIO Care (x32 Version: 4.7.0.11070)

VAIO-Support für Übertragungen (x32 Version: 1.9.0.11060)

VCCx64 (Version: 1.0.0)

VCCx86 (x32 Version: 1.0.0)

VGClientX64 (Version: 1.0.0)

VHD (x32 Version: 1.0.0)

Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32)

VIx64 (Version: 1.0.0)

VIx86 (x32 Version: 1.0.0)

VMLx86 (x32 Version: 1.0.0)

VPMx64 (Version: 1.0.0)

VSSTx64 (Version: 1.0.0)

VSSTx86 (x32 Version: 1.0.0)

VU5x64 (Version: 1.0.0)

VU5x86 (x32 Version: 1.0.0)

VUx64 (Version: 1.0.0)

VUx86 (x32 Version: 1.0.0)

VWSTx86 (x32 Version: 1.0.0)

WildTangent Games App (x32 Version: 4.0.9.7)

WildTangent-Spiele (x32 Version: 1.0.4.0)

XperiaLinkx86 (x32 Version: 1.0.0)

Youda Jewel Shop (x32 Version: 3.0.2.32)
 

==================== Restore Points  =========================
 

04-07-2013 15:53:54 Geplanter Prüfpunkt

11-07-2013 14:05:41 Windows Update

14-07-2013 16:33:53 Windows Update

19-07-2013 13:19:49 Windows Update
 

==================== Hosts content: ==========================
 

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0267E7BA-7EB4-4175-96A4-A6CD01DA2734} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {03A2A95B-EF55-4977-B95C-EAD1F40E1C0E} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {0661FB25-0450-4253-82AC-9129EB9B8157} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect

Task: {0CDFB8CB-F203-4BBE-A004-2B05FD52B022} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)

Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)

Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical

Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler

Task: {1956102A-89B7-435C-BC53-D51F04C21824} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-03-26] (Sony Corporation)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)

Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents

Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance

Task: {21B0A6AA-A292-4821-B69D-EDB343B77E6F} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-04-19] (Microsoft Corporation)

Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy

Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)

Task: {2A3322BB-5868-4043-8F82-DC16226E932A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {2A495247-F84F-4909-BE9B-DF602FBBDB06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh

Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks

Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update

Task: {343A981D-0F80-46CE-92B7-327479E3868A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {371D7873-847B-4573-A17B-40C89C37DFFF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)

Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator

Task: {382CC22A-9B5A-442A-A1C1-28DD7D5F7BAD} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2353595625-3027596916-252556977-1001

Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask

Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem

Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance

Task: {44698A85-8C3E-497E-AA37-C07F520803C2} - System32\Tasks\Microsoft Office 15 Sync Maintenance for JOANAVAIO-Joana JoanaVaio => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2013-05-27] (Microsoft Corporation)

Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage

Task: {44F7F2D2-9347-4337-ACA1-B258CC371EAD} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)

Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)

Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon

Task: {4DEBF25D-82E8-4E9E-A0B1-628374053E90} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)

Task: {55A0A8B0-9BED-4E14-92DB-474DBE3ACB7F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)

Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance

Task: {5946DE2B-18DF-4DAB-884C-0C363178A15F} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required

Task: {5FF49DDD-7963-4C8B-B3A2-338CE10BEF0D} - System32\Tasks\User_Feed_Synchronization-{9EEAADD3-4934-402D-B376-833899701029} => C:\Windows\system32\msfeedssync.exe [2012-07-26] (Microsoft Corporation)

Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)

Task: {68D9AF8A-F55F-4B84-AFA4-A4778FF0ADCA} - System32\Tasks\PrintProjects Communicator => C:\ProgramData\PrintProjects\Communicator.exe [2013-06-29] ()

Task: {6A6ABDD7-EFE1-41CF-97B6-95D7EC4EAAC3} - System32\Tasks\Sony Corporation\VHDInformationCheck => %ProgramFiles(x86)%\Sony\VAIO Recovery\plugins\InformationCheck.exe No File

Task: {6E81A169-EED4-43B7-BC1E-6492FCA16F80} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)

Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-10-20] (Microsoft Corporation)

Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319

Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update

Task: {7723D2A6-3CBE-4942-A00E-5840C12FD494} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)

Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance

Task: {814F219E-A044-4B81-AE11-921E60D2382E} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance

Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)

Task: {8B823E7A-71B2-497C-ADF2-90692A40DA9C} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-03-26] (Sony Corporation)

Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses

Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime

Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64

Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic

Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)

Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask

Task: {AA565098-DF85-4A2C-B38E-F309A7A8BCD2} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh

Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask

Task: {AE2806A3-727A-48E6-8AEA-494AACB020D0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)

Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask

Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan

Task: {B17A04A4-F4B9-4E49-8886-CCE09EFD7087} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup

Task: {B6155654-CA2D-4470-9170-80A25FC81AE0} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-10] (Sony Corporation)

Task: {BA6CAF01-3D94-48BE-99EC-106F20211254} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {BAF03EFE-C81E-42EF-B9AA-E48C80E0702B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall

Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific

Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan

Task: {C41794D4-1D90-42DF-9FF3-07A6617F3439} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender

Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)

Task: {CB50EAA2-E964-4C24-A60D-8347C701C108} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork

Task: {CFF46F25-035E-4A36-85B7-6EDC88FCD91E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)

Task: {D26B9B4B-DABE-4B0B-807B-9CEB80851A7E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-03-26] (Sony Corporation)

Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical

Task: {DC0FBD33-D0E5-40C4-8789-10DAE2109EBD} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)

Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery

Task: {E0D3CF24-ABE4-45B4-A216-61F3C9F53C9A} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)

Task: {E1FE432D-3C52-4AF8-977B-B1426C2B0595} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient No File

Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask

Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-10-20] (Microsoft Corporation)

Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)

Task: {EC1FB769-7DA4-46F3-AE27-61A59ED47566} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall

Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM

Task: {FF4641C9-F17B-4A4D-BEB9-81B562006488} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\PrintProjects Communicator.job => C:\ProgramData\PrintProjects\Communicator.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/23/2013 10:34:27 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.16.0.36713, Zeitstempel: 0x501addac

Name des fehlerhaften Moduls: actionManager.dll, Version: 1.16.0.36713, Zeitstempel: 0x501add63

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00016af4

ID des fehlerhaften Prozesses: 0xcec

Startzeit der fehlerhaften Anwendung: 0xismagent.exe0

Pfad der fehlerhaften Anwendung: ismagent.exe1

Pfad des fehlerhaften Moduls: ismagent.exe2

Berichtskennung: ismagent.exe3

Vollständiger Name des fehlerhaften Pakets: ismagent.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
 

Error: (07/23/2013 10:34:10 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.16.0.36713, Zeitstempel: 0x501addac

Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d

Ausnahmecode: 0xc00001a5

Fehleroffset: 0x6ca49254

ID des fehlerhaften Prozesses: 0xcec

Startzeit der fehlerhaften Anwendung: 0xismagent.exe0

Pfad der fehlerhaften Anwendung: ismagent.exe1

Pfad des fehlerhaften Moduls: ismagent.exe2

Berichtskennung: ismagent.exe3

Vollständiger Name des fehlerhaften Pakets: ismagent.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
 

Error: (07/23/2013 10:22:02 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15578
 

Error: (07/23/2013 10:22:02 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15578
 

Error: (07/23/2013 10:22:02 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (07/23/2013 10:11:39 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.16.0.36713, Zeitstempel: 0x501addac

Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.2.9200.16550, Zeitstempel: 0x5136a2a3

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0017d01e

ID des fehlerhaften Prozesses: 0x13cc

Startzeit der fehlerhaften Anwendung: 0xismagent.exe0

Pfad der fehlerhaften Anwendung: ismagent.exe1

Pfad des fehlerhaften Moduls: ismagent.exe2

Berichtskennung: ismagent.exe3

Vollständiger Name des fehlerhaften Pakets: ismagent.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
 

Error: (07/23/2013 10:11:25 PM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.16.0.36713, Zeitstempel: 0x501addac

Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d

Ausnahmecode: 0xc00001a5

Fehleroffset: 0x6c9d76d4

ID des fehlerhaften Prozesses: 0x13cc

Startzeit der fehlerhaften Anwendung: 0xismagent.exe0

Pfad der fehlerhaften Anwendung: ismagent.exe1

Pfad des fehlerhaften Moduls: ismagent.exe2

Berichtskennung: ismagent.exe3

Vollständiger Name des fehlerhaften Pakets: ismagent.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
 

Error: (07/23/2013 06:36:30 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 268718
 

Error: (07/23/2013 06:36:30 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 268718
 

Error: (07/23/2013 06:36:30 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 
 

System errors:

=============

Error: (07/23/2013 10:21:42 PM) (Source: DCOM) (User: JOANAVAIO)

Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 

Error: (07/23/2013 10:21:42 PM) (Source: DCOM) (User: JOANAVAIO)

Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}
 

Error: (07/23/2013 10:20:34 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎23.‎07.‎2013 um 22:17:32 unerwartet heruntergefahren.
 

Error: (07/23/2013 10:09:26 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎23.‎07.‎2013 um 18:35:31 unerwartet heruntergefahren.
 

Error: (07/23/2013 06:35:31 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎23.‎07.‎2013 um 18:21:44 unerwartet heruntergefahren.
 

Error: (07/23/2013 06:38:36 AM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎23.‎07.‎2013 um 06:17:05 unerwartet heruntergefahren.
 

Error: (07/23/2013 06:17:05 AM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎23.‎07.‎2013 um 06:01:08 unerwartet heruntergefahren.
 

Error: (07/22/2013 07:09:05 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎22.‎07.‎2013 um 19:07:32 unerwartet heruntergefahren.
 

Error: (07/21/2013 10:11:35 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎21.‎07.‎2013 um 22:07:09 unerwartet heruntergefahren.
 

Error: (07/21/2013 10:07:09 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎21.‎07.‎2013 um 21:52:31 unerwartet heruntergefahren.
 
 

Microsoft Office Sessions:

=========================

Error: (07/23/2013 10:34:27 PM) (Source: Application Error)(User: )

Description: ismagent.exe1.16.0.36713501addacactionManager.dll1.16.0.36713501add63c000000500016af4cec01ce87e3f7fb58adC:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exeC:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\actionManager.dll446aafe1-f3d7-11e2-bea1-a41731e9dbc8
 

Error: (07/23/2013 10:34:10 PM) (Source: Application Error)(User: )

Description: ismagent.exe1.16.0.36713501addacdlnashext.dll_unloaded0.0.0.05010975dc00001a56ca49254cec01ce87e3f7fb58adC:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exedlnashext.dll3a4f407e-f3d7-11e2-bea1-a41731e9dbc8
 

Error: (07/23/2013 10:22:02 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15578
 

Error: (07/23/2013 10:22:02 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15578
 

Error: (07/23/2013 10:22:02 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (07/23/2013 10:11:39 PM) (Source: Application Error)(User: )

Description: ismagent.exe1.16.0.36713501addacSHELL32.dll6.2.9200.165505136a2a3c00000050017d01e13cc01ce87e0c46f4016C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exeC:\Windows\SYSTEM32\SHELL32.dll151ecf5a-f3d4-11e2-be9f-a41731e9dbc8
 

Error: (07/23/2013 10:11:25 PM) (Source: Application Error)(User: )

Description: ismagent.exe1.16.0.36713501addacdlnashext.dll_unloaded0.0.0.05010975dc00001a56c9d76d413cc01ce87e0c46f4016C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exedlnashext.dll0ca7272c-f3d4-11e2-be9f-a41731e9dbc8

und der frstlog

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-07-2013

Ran by Joana (administrator) on 23-07-2013 22:39:11

Running from C:\Users\Joana\Desktop

Windows 8 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Windows\system32\dashost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Windows\system32\mfevtps.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe

(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Users\Joana\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(McAfee, Inc.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe

() C:\ProgramData\PrintProjects\Communicator.exe

(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe

(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe

(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcagent.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

(Microsoft Corporation) C:\Windows\system32\wwahost.exe

(Microsoft Corporation) C:\Windows\system32\msiexec.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Microsoft Corporation) C:\Windows\system32\wwahost.exe

() C:\Program Files\Sony\VAIO Care\VCPerfService.exe

() C:\Program Files\Sony\VAIO Care\listener.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCWebServer.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)

HKLM\...\Policies\Explorer\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Atheros Communications))

HKCU\...\Run: [SkyDrive] - C:\Users\Joana\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-07-05] (Microsoft Corporation)

HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)

HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1532992 2013-03-13] (McAfee, Inc.)

HKLM-x32\...\Run: [ISBMgr.exe] - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [68776 2012-08-18] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)

HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2012-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Intel AppUp(R) center] - "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [156000 2012-10-04] (Intel Corporation)

HKLM-x32\...\Run: [mcpltui_exe] - "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui [299648 2012-07-24] (McAfee, Inc.)

HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Java\jre7\bin\jusched.exe" [x]

HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe [x]

HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2844608 2012-10-15] (Eastman Kodak Company)

HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk

ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)

Startup: C:\Users\Joana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk

ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

Startup: C:\Users\Joana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk

ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

BootExecute: autocheck autochk * 
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu

SearchScopes: HKCU - DefaultScope {3502CA5B-11BE-4079-9181-7B0FC5C89999} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS

SearchScopes: HKCU - {084154C3-14E5-4832-A982-7E56ACD44C6E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}

SearchScopes: HKCU - {3502CA5B-11BE-4079-9181-7B0FC5C89999} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
 

==================== Services (Whitelisted) =================
 

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [384048 2013-02-25] (McAfee, Inc.)

S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S4 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [220856 2012-07-24] (McAfee, Inc.)

R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)

R2 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2769552 2013-05-09] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1872568 2013-04-19] (Microsoft Corporation)

R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros)
 

==================== Drivers (Whitelisted) ====================
 

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)

R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)

R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)

U3 mfeapfk01; No ImagePath

U3 mfeavfk01; No ImagePath
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-07-23 22:38 - 2013-07-23 18:19 - 01779757 _____ (Farbar) C:\Users\Joana\Desktop\FRST64.exe

2013-07-23 19:42 - 2013-07-23 19:42 - 00000000 ____D C:\FRST

2013-07-21 22:06 - 2013-07-21 22:07 - 00458032 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-21 21:15 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys

2013-07-21 21:15 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys

2013-07-21 21:15 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2013-07-21 21:15 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-07-21 21:15 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS

2013-07-21 21:15 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS

2013-07-21 21:15 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-07-21 21:15 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys

2013-07-21 21:15 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2013-07-21 21:15 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-07-21 21:15 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll

2013-07-21 21:15 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll

2013-07-21 21:15 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll

2013-07-21 21:15 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll

2013-07-21 21:15 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll

2013-07-21 21:15 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe

2013-07-21 21:15 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2013-07-21 21:15 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2013-07-21 21:15 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll

2013-07-21 21:15 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe

2013-07-21 21:15 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll

2013-07-21 21:15 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll

2013-07-21 21:15 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2013-07-21 21:15 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll

2013-07-21 21:15 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll

2013-07-21 21:15 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll

2013-07-21 21:15 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2013-07-21 21:15 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll

2013-07-21 21:15 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys

2013-07-21 21:15 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2013-07-21 21:15 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2013-07-21 21:15 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2013-07-21 21:15 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2013-07-21 21:15 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml

2013-07-21 21:05 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2013-07-21 20:48 - 2013-07-21 20:48 - 00003584 ____N C:\bootsqm.dat

2013-07-19 15:26 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll

2013-07-19 15:26 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll

2013-07-19 15:25 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS

2013-07-19 15:25 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys

2013-07-19 15:25 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2013-07-19 15:25 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2013-07-19 15:25 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2013-07-19 15:25 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2013-07-19 15:25 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2013-07-19 15:25 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2013-07-19 15:25 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2013-07-19 15:25 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2013-07-19 15:25 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe

2013-07-19 15:25 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2013-07-19 15:25 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2013-07-19 15:25 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2013-07-19 15:25 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2013-07-19 15:25 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll

2013-07-19 15:25 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll

2013-07-19 15:25 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll

2013-07-19 15:25 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll

2013-07-19 15:25 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll

2013-07-19 15:25 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll

2013-07-19 15:25 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-07-19 15:25 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll

2013-07-19 15:25 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll

2013-07-19 15:25 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll

2013-07-19 15:25 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll

2013-07-19 15:25 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl

2013-07-19 15:25 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs

2013-07-19 15:24 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe

2013-07-19 15:24 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll

2013-07-19 15:24 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe

2013-07-19 15:24 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe

2013-07-19 15:24 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll

2013-07-19 15:24 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll

2013-07-19 15:24 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll

2013-07-19 15:24 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl

2013-07-19 15:24 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs

2013-07-19 15:24 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys

2013-07-19 15:03 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-07-19 15:03 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2013-07-15 22:25 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

2013-07-14 22:48 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2013-07-14 22:48 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2013-07-12 12:29 - 2013-07-12 12:29 - 00000000 ____D C:\Users\Joana\AppData\Roaming\WildTangent

2013-07-11 14:01 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-07-11 14:01 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-07-11 14:01 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-07-11 14:01 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-07-11 14:01 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-07-11 14:01 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-07-11 14:01 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-07-11 14:01 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-07-11 14:01 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-07-11 14:01 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-07-11 14:01 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-07-11 14:01 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-07-11 14:01 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-07-11 14:01 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-07-11 14:01 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-07-11 14:01 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-07-11 14:01 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-07-11 14:01 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-07-11 14:01 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-07-11 14:01 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-07-11 14:01 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-07-11 14:01 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-07-11 14:01 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-07-11 14:01 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-07-10 12:26 - 2013-07-10 12:26 - 00007973 _____ C:\Users\Joana\AppData\Local\recently-used.xbel

2013-07-07 22:35 - 2013-07-07 22:45 - 00000000 ___RD C:\Users\Joana\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

2013-07-07 22:08 - 2013-07-07 22:08 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-07-07 22:07 - 2013-07-07 22:08 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-07-07 22:04 - 2013-07-07 22:04 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-07-07 22:03 - 2013-07-07 22:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-07-07 22:03 - 2013-07-07 22:04 - 00000000 ____D C:\Program Files\iTunes

2013-07-07 22:03 - 2013-07-07 22:04 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-07-07 22:03 - 2013-07-07 22:03 - 00000000 ____D C:\Program Files\iPod

2013-07-04 22:54 - 2013-07-07 22:53 - 00000000 ____D C:\Users\Joana\Desktop\Peter

2013-06-29 14:00 - 2013-07-23 22:34 - 00000324 _____ C:\Windows\Tasks\PrintProjects Communicator.job

2013-06-29 14:00 - 2013-06-29 15:32 - 00000000 ___RD C:\Users\Joana\Documents\RocketLifeNetwork

2013-06-29 14:00 - 2013-06-29 14:00 - 00003246 _____ C:\Windows\System32\Tasks\PrintProjects Communicator

2013-06-29 14:00 - 2013-06-29 14:00 - 00000000 ____D C:\Users\Joana\AppData\Roaming\Visan

2013-06-29 10:10 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe

2013-06-29 10:10 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll

2013-06-29 10:10 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe

2013-06-29 10:10 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll

2013-06-25 15:56 - 2013-07-10 12:14 - 00000000 ____D C:\Users\Joana\Desktop\Welpenhaus

2013-06-25 14:23 - 2013-06-25 14:23 - 00003288 _____ C:\Windows\System32\Tasks\{D472FBCE-DB03-4136-B9C1-3EC2FF2E0C9A}
 

==================== One Month Modified Files and Folders =======
 

2013-07-23 22:38 - 2013-04-17 12:25 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2353595625-3027596916-252556977-1001

2013-07-23 22:37 - 2013-01-30 11:23 - 00772388 _____ C:\Windows\system32\perfh007.dat

2013-07-23 22:37 - 2013-01-30 11:23 - 00161464 _____ C:\Windows\system32\perfc007.dat

2013-07-23 22:37 - 2012-07-26 09:28 - 01783300 _____ C:\Windows\system32\PerfStringBackup.INI

2013-07-23 22:36 - 2013-04-17 14:47 - 00005140 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for JOANAVAIO-Joana JoanaVaio

2013-07-23 22:34 - 2013-06-29 14:00 - 00000324 _____ C:\Windows\Tasks\PrintProjects Communicator.job

2013-07-23 22:34 - 2013-04-24 10:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-07-23 22:34 - 2013-04-19 12:16 - 00000000 ____D C:\Users\Joana\AppData\Local\CrashDumps

2013-07-23 22:20 - 2013-04-18 13:50 - 00000000 ____D C:\ProgramData\Kodak

2013-07-23 22:20 - 2013-01-30 12:21 - 00000000 ____D C:\ProgramData\MOCP

2013-07-23 22:20 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-07-23 22:17 - 2012-07-26 07:26 - 00786432 ___SH C:\Windows\system32\config\BBI

2013-07-23 19:42 - 2013-07-23 19:42 - 00000000 ____D C:\FRST

2013-07-23 18:19 - 2013-07-23 22:38 - 01779757 _____ (Farbar) C:\Users\Joana\Desktop\FRST64.exe

2013-07-23 18:08 - 2012-07-26 09:21 - 00026044 _____ C:\Windows\setupact.log

2013-07-23 05:56 - 2013-01-30 11:50 - 01911839 _____ C:\Windows\WindowsUpdate.log

2013-07-23 05:54 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru

2013-07-21 22:07 - 2013-07-21 22:06 - 00458032 _____ C:\Windows\system32\FNTCACHE.DAT

2013-07-21 22:01 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM

2013-07-21 21:50 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData

2013-07-21 21:50 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore

2013-07-21 21:50 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2013-07-21 21:50 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2013-07-21 21:50 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism

2013-07-21 21:49 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism

2013-07-21 20:48 - 2013-07-21 20:48 - 00003584 ____N C:\bootsqm.dat

2013-07-20 05:17 - 2013-04-17 18:14 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9EEAADD3-4934-402D-B376-833899701029}

2013-07-20 05:16 - 2013-04-17 13:01 - 00000000 ___RD C:\Users\Joana\SkyDrive

2013-07-19 16:04 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent

2013-07-19 14:39 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing

2013-07-14 18:40 - 2013-01-30 11:53 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-07-14 18:39 - 2012-08-03 04:22 - 00014130 _____ C:\Windows\PFRO.log

2013-07-14 18:36 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal

2013-07-14 18:36 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe

2013-07-12 13:52 - 2013-04-18 11:55 - 00000000 ____D C:\Users\Joana\Desktop\Erstes Hundezentrum Schäfer

2013-07-12 12:29 - 2013-07-12 12:29 - 00000000 ____D C:\Users\Joana\AppData\Roaming\WildTangent

2013-07-11 16:12 - 2013-04-17 22:29 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-07-11 12:52 - 2013-04-17 12:14 - 00000000 ____D C:\Users\Joana\AppData\Local\Packages

2013-07-10 14:17 - 2013-04-18 13:39 - 00000000 ____D C:\Users\Joana\.gimp-2.8

2013-07-10 12:26 - 2013-07-10 12:26 - 00007973 _____ C:\Users\Joana\AppData\Local\recently-used.xbel

2013-07-10 12:14 - 2013-06-25 15:56 - 00000000 ____D C:\Users\Joana\Desktop\Welpenhaus

2013-07-07 22:53 - 2013-07-04 22:54 - 00000000 ____D C:\Users\Joana\Desktop\Peter

2013-07-07 22:45 - 2013-07-07 22:35 - 00000000 ___RD C:\Users\Joana\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App

2013-07-07 22:08 - 2013-07-07 22:08 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-07-07 22:08 - 2013-07-07 22:07 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-07-07 22:04 - 2013-07-07 22:04 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-07-07 22:04 - 2013-07-07 22:03 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-07-07 22:04 - 2013-07-07 22:03 - 00000000 ____D C:\Program Files\iTunes

2013-07-07 22:04 - 2013-07-07 22:03 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-07-07 22:03 - 2013-07-07 22:03 - 00000000 ____D C:\Program Files\iPod

2013-07-05 14:44 - 2013-04-17 13:01 - 00002278 _____ C:\Users\Joana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk

2013-06-29 15:32 - 2013-06-29 14:00 - 00000000 ___RD C:\Users\Joana\Documents\RocketLifeNetwork

2013-06-29 15:32 - 2013-04-18 14:02 - 00000000 ____D C:\ProgramData\PrintProjects

2013-06-29 14:45 - 2013-04-17 12:15 - 00000000 ____D C:\Users\Joana\AppData\Local\VirtualStore

2013-06-29 14:39 - 2013-04-18 11:56 - 00000000 ____D C:\Users\Joana\Desktop\Opa Schriftverkehr

2013-06-29 14:00 - 2013-06-29 14:00 - 00003246 _____ C:\Windows\System32\Tasks\PrintProjects Communicator

2013-06-29 14:00 - 2013-06-29 14:00 - 00000000 ____D C:\Users\Joana\AppData\Roaming\Visan

2013-06-29 14:00 - 2013-04-18 14:02 - 00000000 ____D C:\ProgramData\Visan

2013-06-28 00:04 - 2013-05-24 20:59 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-06-28 00:04 - 2013-05-24 20:59 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-06-25 15:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache

2013-06-25 14:23 - 2013-06-25 14:23 - 00003288 _____ C:\Windows\System32\Tasks\{D472FBCE-DB03-4136-B9C1-3EC2FF2E0C9A}
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe

[2013-07-21 21:15] - [2013-06-01 13:34] - 2391280 ____A (Microsoft Corporation) 0E8E6463F81C80AFBED533E0F1F8895D
 

C:\Windows\SysWOW64\explorer.exe

[2013-07-21 21:15] - [2013-06-01 12:24] - 2106176 ____A (Microsoft Corporation) EAFE46B0292D2BD2467835E2ACF717CC
 

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys

[2013-07-21 21:15] - [2013-06-01 13:26] - 0327936 ____A (Microsoft Corporation) 78A5BBA3819FFFC62FFEC3E2220D102D
 
 
 

LastRegBack: 2013-07-23 06:27
 

==================== End Of Log ============================

--- --- ---