Mannifred | 29.08.2013 16:14 | So habe jetzt office deinstalliert und 2 neue logs:
frst.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-08-2013
Ran by Claudia (administrator) on 29-08-2013 17:01:56
Running from C:\Users\Claudia\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
( ) C:\Windows\system32\lxdvcoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(SafeNet, Inc.) C:\Program Files\Aladdin\eToken\SAC\x64\SACMonitor.exe
() C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe
() C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Program Files (x86)\USIM Editor\iconcs151118.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files\Aladdin\eToken\SAC\x64\SACSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost VPN\Service.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2011-12-20] (Intel Corporation)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [7060848 2012-09-14] (O&O Software GmbH)
HKLM\...\Run: [SACMonitor] - C:\Program Files\Aladdin\eToken\SAC\x64\SACMonitor.exe [2183312 2012-04-16] (SafeNet, Inc.)
HKLM\...\Run: [lxdvmon.exe] - C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe [455336 2009-07-07] ()
HKLM\...\Run: [lxdvamon] - C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe [25256 2009-07-07] ()
Winlogon\Notify\ScCertProp:
HKCU\...\Run: [] - [x]
HKCU\...\Run: [GoogleChromeAutoLaunch_8FBDDE0DA8112CBEB0980C32BED10A6B] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [846288 2013-07-25] (Google Inc.)
HKCU\...\Run: [AROReminder] - C:\Program Files (x86)\ARO 2013\ARO.exe [3157336 2013-07-03] (Support.com, Inc.)
MountPoints2: {bd0ade7f-eb1b-11e1-97fc-806e6f6e6963} - E:\Launch.exe
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-31] (CyberLink Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation)
HKLM-x32\...\Run: [USBestCR] - C:\Program Files (x86)\USIM Editor\iconcs151118.exe [7041024 2010-07-02] ()
HKLM-x32\...\Run: [Lexmark X5400 Series] - C:\Program Files (x86)\Lexmark X5400 Series\fm3032.exe [307880 2009-07-07] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [x]
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKU\Ann-Cathrin\...\Run: [Spotify] - C:\Users\Ann-Cathrin\AppData\Roaming\Spotify\Spotify.exe [7880664 2012-11-05] (Spotify Ltd)
HKU\Default\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
HKU\Default User\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
AppInit_DLLs: [0 ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{87CCB9C0-55B9-4110-884F-A6CB0927EF50}\DefragIcon.exe ()
Startup: C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6600.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6600.lnk -> C:\Program Files\HP\HP Officejet 6600\bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
ProxyServer: 62.240.30.201:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
URLSearchHook: (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: (No Name) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - No File
URLSearchHook: (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {213C8ED6-1D78-4D8F-8729-25006AA86A76} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\3ggbr1u1.default
FF user.js: detected! => C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\3ggbr1u1.default\user.js
FF SelectedSearchEngine: qvo6
FF Homepage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
FF NetworkProxy: "autoconfig_url", "https://secure.premiumize.me/0069a354ac565dc1ee7d001b9c7ea218/proxy.pac"
FF NetworkProxy: "http", "77.94.48.5"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "54.247.119.128"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "socks_version", 4
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\3ggbr1u1.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: admin - C:\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\3ggbr1u1.default\Extensions\admin@proxy-listen.de.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
Chrome:
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U2) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Proxy SwitchySharp) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\1.10.2_0
CHR Extension: (Invite All) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih\1.25_0
CHR Extension: (Foxy Proxy Standard) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp\2.8_0
CHR Extension: (Skype Click to Call) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Premiumize.me) - C:\Users\Claudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm\0.0.16_0
CHR HKLM-x32\...\Chrome\Extension: [ejnmnhkgiphcaeefbaooconkceehicfi] - C:\Program Files (x86)\DealPly\DealPly.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST750LM022XHN-M750MBB_S2USJ9AC315244&ts=1376685932
==================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-24] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 CGVPNCliService; C:\Program Files\CyberGhost VPN\Service.exe [26088 2013-07-22] (CyberGhost S.R.L)
S3 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S3 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
S3 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2012-11-30] (DATA BECKER GmbH & Co KG)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 lxdv_device; C:\Windows\system32\lxdvcoms.exe [1044136 2007-10-18] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLHUK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2552176 2012-09-14] (O&O Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SACSrv; C:\Program Files\Aladdin\eToken\SAC\x64\SACSrv.exe [10384 2012-04-16] (SafeNet, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S2 AfaService; C:\Windows\system32\afasrv64.exe [x]
==================== Drivers (Whitelisted) ====================
R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\Windows\System32\drivers\aksup.sys [44712 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-05-04] (ITE )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-29 16:01 - 2013-08-29 16:01 - 00002562 _____ C:\Windows\diagwrn.xml
2013-08-29 16:01 - 2013-08-29 16:01 - 00001908 _____ C:\Windows\diagerr.xml
2013-08-29 15:44 - 2013-08-29 15:59 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\ImgBurn
2013-08-29 15:10 - 2013-08-29 15:10 - 00001903 _____ C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2013-08-29 15:10 - 2013-08-29 15:10 - 00001873 _____ C:\Users\Claudia\Desktop\ImgBurn.lnk
2013-08-29 15:10 - 2013-08-29 15:10 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
2013-08-29 15:10 - 2013-08-29 15:10 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-08-29 13:34 - 2013-08-29 13:34 - 00000000 ____D C:\Users\Claudia\AppData\Local\{017DAB33-F4B4-42C5-87AA-01E167B5C9C2}
2013-08-28 19:23 - 2013-08-28 19:23 - 00068018 _____ C:\Users\Claudia\Documents\Konto Postbank (Automatisch gespeichert).xlsx
2013-08-28 19:18 - 2013-08-28 19:18 - 00280824 _____ C:\Windows\Minidump\082813-13790-01.dmp
2013-08-28 19:13 - 2013-08-28 19:13 - 00280824 _____ C:\Windows\Minidump\082813-14040-01.dmp
2013-08-28 19:09 - 2013-08-28 19:09 - 00281872 _____ C:\Windows\Minidump\082813-14071-01.dmp
2013-08-28 17:57 - 2013-08-28 17:57 - 00000165 ____H C:\Users\Public\Documents\~$Konto Postbank.xlsx
2013-08-28 16:22 - 2013-08-28 16:22 - 00281664 _____ C:\Windows\Minidump\082813-15256-01.dmp
2013-08-28 16:16 - 2013-08-28 16:17 - 00283952 _____ C:\Windows\Minidump\082813-15444-01.dmp
2013-08-28 16:04 - 2013-08-28 16:04 - 00281680 _____ C:\Windows\Minidump\082813-27190-01.dmp
2013-08-28 16:00 - 2013-08-28 16:00 - 00282072 _____ C:\Windows\Minidump\082813-16988-01.dmp
2013-08-28 15:54 - 2013-08-28 15:54 - 00284864 _____ C:\Windows\Minidump\082813-26847-01.dmp
2013-08-28 15:26 - 2013-08-28 15:27 - 00281400 _____ C:\Windows\Minidump\082813-19312-01.dmp
2013-08-28 15:22 - 2013-08-28 15:23 - 00284864 _____ C:\Windows\Minidump\082813-21060-01.dmp
2013-08-28 15:05 - 2013-08-28 15:05 - 00003614 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6600
2013-08-28 15:04 - 2013-08-28 15:04 - 00002120 _____ C:\Users\Public\Desktop\HP Officejet 6600.lnk
2013-08-28 15:04 - 2013-08-28 15:04 - 00001832 _____ C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6600.lnk
2013-08-28 15:04 - 2013-08-28 15:04 - 00001128 _____ C:\Users\Public\Desktop\Zubehör einkaufen - HP Officejet 6600.lnk
2013-08-28 15:04 - 2011-09-09 16:22 - 00778088 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5D12.dll
2013-08-28 14:35 - 2013-08-28 14:35 - 00000057 _____ C:\ProgramData\Ament.ini
2013-08-28 11:05 - 2013-08-28 11:07 - 00000000 ____D C:\Users\Claudia\AppData\Local\{254F66FC-933F-42D9-82D7-BD11A5C2FF0D}
2013-08-27 11:16 - 2013-08-27 11:18 - 00000000 ____D C:\Users\Claudia\AppData\Local\{31CB6FFC-C371-4AD8-8E15-B3118E59A42C}
2013-08-26 13:36 - 2013-08-26 13:36 - 00284864 _____ C:\Windows\Minidump\082613-13587-01.dmp
2013-08-26 11:35 - 2013-08-26 11:35 - 00000000 ____D C:\Users\Claudia\AppData\Local\{B1D647E1-143B-4CAE-BE32-52029DCF3E88}
2013-08-25 13:06 - 2013-08-25 13:06 - 00000000 ____D C:\Users\Claudia\AppData\Local\{0C9945AC-2DFB-47A4-B9CC-C8867F2AD61B}
2013-08-24 14:31 - 2013-08-24 14:35 - 00000000 ____D C:\Users\Claudia\AppData\Local\CyberGhost
2013-08-24 14:30 - 2013-08-24 14:31 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-24 14:26 - 2013-08-24 14:30 - 00001750 _____ C:\Users\Claudia\Desktop\CyberGhost VPN.lnk
2013-08-24 13:54 - 2013-08-24 13:56 - 00000000 ____D C:\Program Files\TAP-Windows
2013-08-21 23:17 - 2013-08-21 23:17 - 00000000 ____D C:\Users\Claudia\AppData\Local\{838C924C-C305-49D7-B501-DD7D2E147824}
2013-08-21 15:30 - 2013-08-21 15:30 - 00039967 _____ C:\Users\Claudia\Desktop\Addition.txt
2013-08-21 15:28 - 2013-08-21 15:28 - 00000000 ____D C:\FRST
2013-08-21 12:24 - 2013-08-21 12:24 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-21 12:24 - 2013-08-21 12:24 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\Malwarebytes
2013-08-21 12:24 - 2013-08-21 12:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 12:24 - 2013-08-21 12:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 12:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-20 22:22 - 2013-08-20 22:22 - 00000000 ____D C:\Users\Claudia\AppData\Local\{816270E0-A8BC-4CD4-B9B8-2C067E81216D}
2013-08-20 11:38 - 2013-08-20 11:38 - 00281216 _____ C:\Windows\Minidump\082013-16957-01.dmp
2013-08-19 16:44 - 2013-08-19 16:44 - 00000000 ____D C:\Users\Claudia\AppData\Local\{5EFEF317-3D79-43A4-BCB9-32385D239DEF}
2013-08-19 16:28 - 2013-08-19 16:28 - 00000000 ____D C:\Users\Claudia\.appwork
2013-08-18 23:33 - 2013-08-18 23:33 - 00019267 _____ C:\AdwCleaner[R2].txt
2013-08-18 23:31 - 2013-08-18 23:31 - 00019206 _____ C:\AdwCleaner[R1].txt
2013-08-18 21:49 - 2013-08-18 21:49 - 00000000 ____D C:\Users\Claudia\AppData\Local\{019AD6AB-35F1-47C1-8711-B0EB43A520AC}
2013-08-17 18:39 - 2013-08-28 19:18 - 598225044 _____ C:\Windows\MEMORY.DMP
2013-08-17 18:39 - 2013-08-28 19:18 - 00000000 ____D C:\Windows\Minidump
2013-08-17 18:39 - 2013-08-17 18:40 - 00282752 _____ C:\Windows\Minidump\081713-22573-01.dmp
2013-08-17 17:11 - 2013-08-17 18:30 - 00025180 _____ C:\Users\Claudia\Documents\NL Rechnung 13a-13 Engel.xlsx
2013-08-17 17:10 - 2013-08-17 18:30 - 00025395 _____ C:\Users\Claudia\Documents\NL Vertrag 13a-13 Engel.xlsx
2013-08-17 16:41 - 2013-08-17 16:42 - 00000000 ____D C:\Users\Claudia\AppData\Local\{37F86E81-D05F-4A0D-B071-46DAB2C49730}
2013-08-17 12:17 - 2013-08-17 12:17 - 00000000 ____D C:\Users\Claudia\AppData\Local\{8FD6400F-6FA3-4BA8-81BB-99073C11C2F9}
2013-08-17 00:08 - 2013-08-17 00:08 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\DivX
2013-08-16 23:46 - 2013-08-16 23:46 - 00000057 _____ C:\Users\Claudia\AppData\Roaming\WB.CFG
2013-08-16 23:46 - 2013-08-16 23:46 - 00000005 _____ C:\Users\Claudia\AppData\Roaming\WBPU-TTL.DAT
2013-08-16 22:48 - 2013-08-19 16:28 - 00000000 ____D C:\Users\Claudia\AppData\Local\JDownloader v2.0
2013-08-16 22:48 - 2013-08-16 22:48 - 00001621 _____ C:\Users\Claudia\Desktop\DivX Movies.lnk
2013-08-16 22:47 - 2013-08-21 15:36 - 00000000 ____D C:\ProgramData\eSafe
2013-08-16 22:47 - 2013-08-18 23:09 - 00000000 ____D C:\Program Files\DivX
2013-08-16 22:46 - 2013-08-18 23:09 - 00000000 ____D C:\Program Files (x86)\DivX
2013-08-16 22:46 - 2013-08-17 18:46 - 00000294 _____ C:\Windows\Tasks\DSite.job
2013-08-16 22:46 - 2013-08-16 22:46 - 00003242 _____ C:\Windows\System32\Tasks\DSite
2013-08-16 22:46 - 2013-08-16 22:46 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\DSite
2013-08-16 22:46 - 2013-08-16 22:46 - 00000000 ____D C:\Users\Claudia\AppData\Local\DealPlyLive
2013-08-16 22:45 - 2013-08-18 23:10 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-08-16 22:45 - 2013-08-18 23:10 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-16 22:45 - 2013-08-18 23:09 - 00000000 ____D C:\ProgramData\DivX
2013-08-16 22:45 - 2013-08-17 18:45 - 00000298 _____ C:\Windows\Tasks\Dealply.job
2013-08-16 22:45 - 2013-08-16 22:46 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\LavFilters
2013-08-16 22:45 - 2013-08-16 22:46 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\CDXReader
2013-08-16 22:45 - 2013-08-16 22:45 - 00003246 _____ C:\Windows\System32\Tasks\Dealply
2013-08-16 22:45 - 2013-08-16 22:45 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\eIntaller
2013-08-15 13:59 - 2013-08-15 13:59 - 00000000 ____D C:\Users\Claudia\AppData\Local\{44B396B5-9123-4B39-9E11-44FF1E79134D}
2013-08-15 03:14 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:14 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:14 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:14 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:14 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:14 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:14 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:14 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:14 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:14 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:14 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:14 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:14 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:14 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 01:55 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 01:55 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 01:55 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 01:55 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 01:55 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 01:55 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 01:55 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 01:55 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 01:55 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 01:55 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 01:55 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 01:55 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 01:55 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 01:55 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 01:55 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 01:55 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 01:55 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 01:55 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 01:55 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 01:55 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 01:55 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 01:55 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 01:55 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 01:55 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 01:55 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 01:55 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 01:55 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 01:39 - 2013-08-15 01:40 - 00000000 ____D C:\Users\Claudia\AppData\Local\{2CA96D2A-1BFB-4196-B126-0EE2165BAB9A}
2013-08-13 19:48 - 2013-08-13 20:13 - 00025054 _____ C:\Users\Claudia\Documents\NL Rechnung 12b-13 Kimpel.xlsx
2013-08-13 19:42 - 2013-08-13 19:49 - 00025457 _____ C:\Users\Claudia\Documents\NL Vertrag 12b-13 Kimpel.xlsx
2013-08-13 11:14 - 2013-08-13 11:15 - 00000000 ____D C:\Users\Claudia\AppData\Local\{82973E3F-6240-4B81-BC37-1417A16052FF}
2013-08-12 14:00 - 2013-08-12 14:00 - 00000000 ____D C:\Users\Claudia\AppData\Local\{DE792B33-8CE0-4A05-9DD9-4A6ABB905EF9}
2013-08-12 01:36 - 2013-08-12 01:36 - 00000000 ____D C:\Users\Claudia\AppData\Local\{0201EF51-EEEA-4A34-94AD-8DA43A63376E}
2013-08-12 01:23 - 2013-08-12 01:23 - 00000000 ____D C:\Users\Claudia\AppData\Local\{A95081BB-4BC9-4669-B635-0F87778C062A}
2013-08-12 01:20 - 2013-08-12 01:20 - 00000000 ____D C:\Users\Claudia\AppData\Local\{A2BF7023-3BB6-4E6B-8F91-39633E1559B6}
2013-08-11 13:32 - 2013-08-16 22:47 - 00001381 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-11 13:32 - 2013-08-11 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-11 13:27 - 2013-08-11 13:28 - 21703480 _____ (Mozilla) C:\Users\Claudia\Firefox_Setup_22.0.exe
2013-08-11 13:20 - 2013-08-11 13:20 - 00000000 ____D C:\Users\Claudia\AppData\Local\{8FCE37B1-405B-4471-9FBC-69DE4511873C}
2013-08-10 04:14 - 2013-08-10 04:14 - 00000000 ____D C:\Users\Claudia\AppData\Local\{9ED53E98-03FD-47EE-9B8C-4D939DDE3EC9}
2013-08-09 12:26 - 2013-08-09 12:26 - 00000000 ____D C:\Users\Claudia\AppData\Local\{032F903D-503D-4261-8814-FA319C18EED0}
2013-08-08 23:06 - 2013-08-08 23:06 - 00000000 ____D C:\Users\Claudia\AppData\Local\{8E9A6808-043F-4BA7-95CE-8153597CFC7A}
2013-08-07 16:29 - 2013-08-07 16:29 - 00000000 ____D C:\Users\Claudia\AppData\Local\{ED3532DE-4C52-479F-AF97-2AA7440647E3}
2013-08-07 15:28 - 2013-08-07 15:34 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\EurekaLog
2013-08-07 14:16 - 2013-08-11 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-07 13:00 - 2013-08-07 13:00 - 00000936 _____ C:\Users\Claudia\Desktop\Evernote.lnk
2013-08-07 13:00 - 2013-08-07 13:00 - 00000000 ____D C:\Users\Claudia\AppData\Local\Evernote
2013-08-07 13:00 - 2013-08-07 13:00 - 00000000 ____D C:\Program Files (x86)\Evernote
2013-08-05 16:58 - 2013-08-05 16:58 - 00000000 ____D C:\Users\Claudia\AppData\Local\{54350525-DE3E-403E-913C-9F7126687766}
2013-08-04 21:40 - 2013-08-04 21:40 - 00002216 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-04 21:35 - 2013-08-04 21:35 - 00000000 ____D C:\Users\Claudia\AppData\Local\{0B91E2E0-6BF9-4238-9FB5-9BA627AF63FF}
2013-08-02 23:02 - 2013-08-02 23:02 - 00000000 ____D C:\Users\Claudia\AppData\Local\{F83FEF0F-8939-4EF7-A286-771FA1652DF0}
2013-07-31 19:24 - 2013-07-31 19:25 - 00000000 ____D C:\Users\Claudia\AppData\Local\{9849D5D8-D4BE-4E0C-9FE5-63CD0F06623B}
2013-07-31 18:09 - 2013-07-31 18:09 - 00000000 ____D C:\Users\Claudia\AppData\Local\{A83CE4E2-4CD0-443B-98FD-C3AA74EC66E9}
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\Users\Claudia\AppData\Local\{F12BE577-A2BC-4E52-98EB-269E40A0FECB}
2013-07-30 09:52 - 2013-07-30 09:52 - 00000000 ____D C:\Users\Claudia\AppData\Local\{87A79A53-18E5-4E6B-AE7E-B598CB5C8925}
2013-07-30 09:50 - 2013-07-30 09:50 - 00001306 _____ C:\Users\Claudia\Desktop\Clean Registry for Free!.lnk
==================== One Month Modified Files and Folders =======
2013-08-29 17:01 - 2012-08-26 11:33 - 00000000 ____D C:\Users\Claudia\Downloads\Programme
2013-08-29 17:00 - 2013-08-29 17:00 - 01579080 _____ (Farbar) C:\Users\Claudia\Downloads\FRST64.exe
2013-08-29 17:00 - 2013-05-20 22:20 - 00000000 ____D C:\Users\Claudia\Desktop\JDownloader2BETA
2013-08-29 16:56 - 2012-08-21 17:43 - 00000000 ____D C:\Program Files (x86)\Biet-O-Matic
2013-08-29 16:56 - 2012-08-20 16:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-29 16:54 - 2012-08-20 16:12 - 01425023 _____ C:\Windows\WindowsUpdate.log
2013-08-29 16:13 - 2012-09-13 16:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-29 16:01 - 2013-08-29 16:01 - 00002562 _____ C:\Windows\diagwrn.xml
2013-08-29 16:01 - 2013-08-29 16:01 - 00001908 _____ C:\Windows\diagerr.xml
2013-08-29 16:01 - 2013-04-11 13:29 - 00000917 _____ C:\Windows\setupact.log
2013-08-29 16:01 - 2013-04-11 13:29 - 00000000 _____ C:\Windows\setuperr.log
2013-08-29 16:01 - 2012-02-21 20:50 - 00754682 _____ C:\Windows\system32\perfh007.dat
2013-08-29 16:01 - 2012-02-21 20:50 - 00172382 _____ C:\Windows\system32\perfc007.dat
2013-08-29 16:01 - 2009-07-14 07:13 - 01763064 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-29 15:59 - 2013-08-29 15:44 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\ImgBurn
2013-08-29 15:10 - 2013-08-29 15:10 - 00001903 _____ C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2013-08-29 15:10 - 2013-08-29 15:10 - 00001873 _____ C:\Users\Claudia\Desktop\ImgBurn.lnk
2013-08-29 15:10 - 2013-08-29 15:10 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImgBurn
2013-08-29 15:10 - 2013-08-29 15:10 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-08-29 14:57 - 2009-07-14 06:45 - 00017488 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 14:57 - 2009-07-14 06:45 - 00017488 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-29 14:49 - 2012-08-20 16:29 - 00000000 ____D C:\Users\Claudia\Documents\Youcam
2013-08-29 14:49 - 2012-08-20 16:25 - 00159376 _____ C:\Users\Claudia\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-29 14:45 - 2013-07-22 15:06 - 00000292 _____ C:\Windows\Tasks\AutoKMS.job
2013-08-29 14:45 - 2012-12-24 21:57 - 00277076 _____ C:\Windows\system32\oodbs.lor
2013-08-29 14:45 - 2012-08-20 16:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-29 14:45 - 2010-11-21 05:47 - 00126238 _____ C:\Windows\PFRO.log
2013-08-29 14:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-29 14:45 - 2009-07-14 06:45 - 00578536 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-29 14:35 - 2012-12-24 18:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-29 14:34 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew
2013-08-29 14:34 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-08-29 14:34 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-29 14:31 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-08-29 14:31 - 2009-07-14 04:34 - 00000387 _____ C:\Windows\win.ini
2013-08-29 13:34 - 2013-08-29 13:34 - 00000000 ____D C:\Users\Claudia\AppData\Local\{017DAB33-F4B4-42C5-87AA-01E167B5C9C2}
2013-08-28 19:26 - 2013-01-08 18:39 - 00023553 _____ C:\Users\Public\Documents\NL Buchhaltung 2013.xlsx
2013-08-28 19:23 - 2013-08-28 19:23 - 00068018 _____ C:\Users\Claudia\Documents\Konto Postbank (Automatisch gespeichert).xlsx
2013-08-28 19:18 - 2013-08-28 19:18 - 00280824 _____ C:\Windows\Minidump\082813-13790-01.dmp
2013-08-28 19:18 - 2013-08-17 18:39 - 598225044 _____ C:\Windows\MEMORY.DMP
2013-08-28 19:18 - 2013-08-17 18:39 - 00000000 ____D C:\Windows\Minidump
2013-08-28 19:13 - 2013-08-28 19:13 - 00280824 _____ C:\Windows\Minidump\082813-14040-01.dmp
2013-08-28 19:09 - 2013-08-28 19:09 - 00281872 _____ C:\Windows\Minidump\082813-14071-01.dmp
2013-08-28 17:57 - 2013-08-28 17:57 - 00000165 ____H C:\Users\Public\Documents\~$Konto Postbank.xlsx
2013-08-28 16:22 - 2013-08-28 16:22 - 00281664 _____ C:\Windows\Minidump\082813-15256-01.dmp
2013-08-28 16:17 - 2013-08-28 16:16 - 00283952 _____ C:\Windows\Minidump\082813-15444-01.dmp
2013-08-28 16:04 - 2013-08-28 16:04 - 00281680 _____ C:\Windows\Minidump\082813-27190-01.dmp
2013-08-28 16:00 - 2013-08-28 16:00 - 00282072 _____ C:\Windows\Minidump\082813-16988-01.dmp
2013-08-28 15:54 - 2013-08-28 15:54 - 00284864 _____ C:\Windows\Minidump\082813-26847-01.dmp
2013-08-28 15:27 - 2013-08-28 15:26 - 00281400 _____ C:\Windows\Minidump\082813-19312-01.dmp
2013-08-28 15:23 - 2013-08-28 15:22 - 00284864 _____ C:\Windows\Minidump\082813-21060-01.dmp
2013-08-28 15:20 - 2012-09-13 12:37 - 00000000 ____D C:\Users\Claudia\AppData\Local\HP
2013-08-28 15:20 - 2012-08-20 16:24 - 00000000 ___RD C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-28 15:05 - 2013-08-28 15:05 - 00003614 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 6600
2013-08-28 15:05 - 2012-09-13 12:46 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-08-28 15:04 - 2013-08-28 15:04 - 00002120 _____ C:\Users\Public\Desktop\HP Officejet 6600.lnk
2013-08-28 15:04 - 2013-08-28 15:04 - 00001832 _____ C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6600.lnk
2013-08-28 15:04 - 2013-08-28 15:04 - 00001128 _____ C:\Users\Public\Desktop\Zubehör einkaufen - HP Officejet 6600.lnk
2013-08-28 15:04 - 2012-09-13 12:44 - 00000000 ____D C:\Program Files (x86)\HP
2013-08-28 15:03 - 2012-09-13 12:44 - 00000000 ____D C:\ProgramData\HP
2013-08-28 15:02 - 2012-09-13 12:44 - 00000000 ____D C:\Program Files\HP
2013-08-28 14:35 - 2013-08-28 14:35 - 00000057 _____ C:\ProgramData\Ament.ini
2013-08-28 11:07 - 2013-08-28 11:05 - 00000000 ____D C:\Users\Claudia\AppData\Local\{254F66FC-933F-42D9-82D7-BD11A5C2FF0D}
2013-08-27 11:18 - 2013-08-27 11:16 - 00000000 ____D C:\Users\Claudia\AppData\Local\{31CB6FFC-C371-4AD8-8E15-B3118E59A42C}
2013-08-26 13:36 - 2013-08-26 13:36 - 00284864 _____ C:\Windows\Minidump\082613-13587-01.dmp
2013-08-26 11:35 - 2013-08-26 11:35 - 00000000 ____D C:\Users\Claudia\AppData\Local\{B1D647E1-143B-4CAE-BE32-52029DCF3E88}
2013-08-25 13:06 - 2013-08-25 13:06 - 00000000 ____D C:\Users\Claudia\AppData\Local\{0C9945AC-2DFB-47A4-B9CC-C8867F2AD61B}
2013-08-24 14:35 - 2013-08-24 14:31 - 00000000 ____D C:\Users\Claudia\AppData\Local\CyberGhost
2013-08-24 14:35 - 2012-08-20 16:23 - 00000000 ____D C:\Users\Claudia\AppData\Local\VirtualStore
2013-08-24 14:31 - 2013-08-24 14:30 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-24 14:30 - 2013-08-24 14:26 - 00001750 _____ C:\Users\Claudia\Desktop\CyberGhost VPN.lnk
2013-08-24 13:56 - 2013-08-24 13:54 - 00000000 ____D C:\Program Files\TAP-Windows
2013-08-23 15:02 - 2012-09-13 16:15 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-23 15:02 - 2012-09-13 16:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-23 15:02 - 2012-02-21 23:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 23:17 - 2013-08-21 23:17 - 00000000 ____D C:\Users\Claudia\AppData\Local\{838C924C-C305-49D7-B501-DD7D2E147824}
2013-08-21 15:36 - 2013-08-16 22:47 - 00000000 ____D C:\ProgramData\eSafe
2013-08-21 15:30 - 2013-08-21 15:30 - 00039967 _____ C:\Users\Claudia\Desktop\Addition.txt
2013-08-21 15:28 - 2013-08-21 15:28 - 00000000 ____D C:\FRST
2013-08-21 15:08 - 2012-12-24 18:43 - 00000000 ____D C:\Windows\AutoKMS
2013-08-21 12:24 - 2013-08-21 12:24 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-21 12:24 - 2013-08-21 12:24 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\Malwarebytes
2013-08-21 12:24 - 2013-08-21 12:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 12:24 - 2013-08-21 12:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 10:40 - 2013-07-16 22:11 - 00000452 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-08-21 10:32 - 2013-07-22 15:06 - 00002982 _____ C:\Windows\System32\Tasks\AutoKMS
2013-08-21 00:16 - 2012-12-24 18:43 - 00151552 _____ C:\Windows\KMSEmulator.exe
2013-08-20 22:22 - 2013-08-20 22:22 - 00000000 ____D C:\Users\Claudia\AppData\Local\{816270E0-A8BC-4CD4-B9B8-2C067E81216D}
2013-08-20 11:38 - 2013-08-20 11:38 - 00281216 _____ C:\Windows\Minidump\082013-16957-01.dmp
2013-08-19 20:10 - 2013-01-09 20:13 - 00066133 _____ C:\Users\Public\Documents\Konto Postbank.xlsx
2013-08-19 20:10 - 2013-01-08 17:39 - 00084480 _____ C:\Users\Public\Documents\NL Nebenkosten.xls
2013-08-19 16:44 - 2013-08-19 16:44 - 00000000 ____D C:\Users\Claudia\AppData\Local\{5EFEF317-3D79-43A4-BCB9-32385D239DEF}
2013-08-19 16:28 - 2013-08-19 16:28 - 00000000 ____D C:\Users\Claudia\.appwork
2013-08-19 16:28 - 2013-08-16 22:48 - 00000000 ____D C:\Users\Claudia\AppData\Local\JDownloader v2.0
2013-08-19 16:28 - 2012-08-20 16:23 - 00000000 ____D C:\Users\Claudia
2013-08-19 02:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-18 23:33 - 2013-08-18 23:33 - 00019267 _____ C:\AdwCleaner[R2].txt
2013-08-18 23:31 - 2013-08-18 23:31 - 00019206 _____ C:\AdwCleaner[R1].txt
2013-08-18 23:19 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-18 23:10 - 2013-08-16 22:45 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-08-18 23:10 - 2013-08-16 22:45 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-08-18 23:09 - 2013-08-16 22:47 - 00000000 ____D C:\Program Files\DivX
2013-08-18 23:09 - 2013-08-16 22:46 - 00000000 ____D C:\Program Files (x86)\DivX
2013-08-18 23:09 - 2013-08-16 22:45 - 00000000 ____D C:\ProgramData\DivX
2013-08-18 21:49 - 2013-08-18 21:49 - 00000000 ____D C:\Users\Claudia\AppData\Local\{019AD6AB-35F1-47C1-8711-B0EB43A520AC}
2013-08-18 00:16 - 2012-09-14 20:46 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\vlc
2013-08-17 18:46 - 2013-08-16 22:46 - 00000294 _____ C:\Windows\Tasks\DSite.job
2013-08-17 18:45 - 2013-08-16 22:45 - 00000298 _____ C:\Windows\Tasks\Dealply.job
2013-08-17 18:40 - 2013-08-17 18:39 - 00282752 _____ C:\Windows\Minidump\081713-22573-01.dmp
2013-08-17 18:30 - 2013-08-17 17:11 - 00025180 _____ C:\Users\Claudia\Documents\NL Rechnung 13a-13 Engel.xlsx
2013-08-17 18:30 - 2013-08-17 17:10 - 00025395 _____ C:\Users\Claudia\Documents\NL Vertrag 13a-13 Engel.xlsx
2013-08-17 16:42 - 2013-08-17 16:41 - 00000000 ____D C:\Users\Claudia\AppData\Local\{37F86E81-D05F-4A0D-B071-46DAB2C49730}
2013-08-17 12:17 - 2013-08-17 12:17 - 00000000 ____D C:\Users\Claudia\AppData\Local\{8FD6400F-6FA3-4BA8-81BB-99073C11C2F9}
2013-08-17 00:08 - 2013-08-17 00:08 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\DivX
2013-08-16 23:46 - 2013-08-16 23:46 - 00000057 _____ C:\Users\Claudia\AppData\Roaming\WB.CFG
2013-08-16 23:46 - 2013-08-16 23:46 - 00000005 _____ C:\Users\Claudia\AppData\Roaming\WBPU-TTL.DAT
2013-08-16 22:48 - 2013-08-16 22:48 - 00001621 _____ C:\Users\Claudia\Desktop\DivX Movies.lnk
2013-08-16 22:47 - 2013-08-11 13:32 - 00001381 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-16 22:47 - 2013-04-06 12:12 - 00002413 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-16 22:47 - 2012-08-20 16:24 - 00001667 _____ C:\Users\Claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-16 22:47 - 2012-08-20 16:24 - 00001633 _____ C:\Users\Claudia\Desktop\Internet Explorer (64-bit).lnk
2013-08-16 22:46 - 2013-08-16 22:46 - 00003242 _____ C:\Windows\System32\Tasks\DSite
2013-08-16 22:46 - 2013-08-16 22:46 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\DSite
2013-08-16 22:46 - 2013-08-16 22:46 - 00000000 ____D C:\Users\Claudia\AppData\Local\DealPlyLive
2013-08-16 22:46 - 2013-08-16 22:45 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\LavFilters
2013-08-16 22:46 - 2013-08-16 22:45 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\CDXReader
2013-08-16 22:45 - 2013-08-16 22:45 - 00003246 _____ C:\Windows\System32\Tasks\Dealply
2013-08-16 22:45 - 2013-08-16 22:45 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\eIntaller
2013-08-15 13:59 - 2013-08-15 13:59 - 00000000 ____D C:\Users\Claudia\AppData\Local\{44B396B5-9123-4B39-9E11-44FF1E79134D}
2013-08-15 03:08 - 2013-07-23 10:36 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:01 - 2012-02-21 21:44 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 01:40 - 2013-08-15 01:39 - 00000000 ____D C:\Users\Claudia\AppData\Local\{2CA96D2A-1BFB-4196-B126-0EE2165BAB9A}
2013-08-13 20:13 - 2013-08-13 19:48 - 00025054 _____ C:\Users\Claudia\Documents\NL Rechnung 12b-13 Kimpel.xlsx
2013-08-13 19:49 - 2013-08-13 19:42 - 00025457 _____ C:\Users\Claudia\Documents\NL Vertrag 12b-13 Kimpel.xlsx
2013-08-13 11:15 - 2013-08-13 11:14 - 00000000 ____D C:\Users\Claudia\AppData\Local\{82973E3F-6240-4B81-BC37-1417A16052FF}
2013-08-12 20:01 - 2013-01-08 17:36 - 00104448 _____ C:\Users\Public\Documents\NL ABN 2010 2009 2008 2007.xls
2013-08-12 14:00 - 2013-08-12 14:00 - 00000000 ____D C:\Users\Claudia\AppData\Local\{DE792B33-8CE0-4A05-9DD9-4A6ABB905EF9}
2013-08-12 01:36 - 2013-08-12 01:36 - 00000000 ____D C:\Users\Claudia\AppData\Local\{0201EF51-EEEA-4A34-94AD-8DA43A63376E}
2013-08-12 01:23 - 2013-08-12 01:23 - 00000000 ____D C:\Users\Claudia\AppData\Local\{A95081BB-4BC9-4669-B635-0F87778C062A}
2013-08-12 01:20 - 2013-08-12 01:20 - 00000000 ____D C:\Users\Claudia\AppData\Local\{A2BF7023-3BB6-4E6B-8F91-39633E1559B6}
2013-08-11 13:32 - 2013-08-11 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-11 13:32 - 2013-08-07 14:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-11 13:28 - 2013-08-11 13:27 - 21703480 _____ (Mozilla) C:\Users\Claudia\Firefox_Setup_22.0.exe
2013-08-11 13:20 - 2013-08-11 13:20 - 00000000 ____D C:\Users\Claudia\AppData\Local\{8FCE37B1-405B-4471-9FBC-69DE4511873C}
2013-08-10 04:14 - 2013-08-10 04:14 - 00000000 ____D C:\Users\Claudia\AppData\Local\{9ED53E98-03FD-47EE-9B8C-4D939DDE3EC9}
2013-08-09 13:54 - 2013-04-06 16:21 - 00025287 _____ C:\Users\Public\Documents\NL Rechnung 09a-13 Schäfer.lsx.xlsx
2013-08-09 12:26 - 2013-08-09 12:26 - 00000000 ____D C:\Users\Claudia\AppData\Local\{032F903D-503D-4261-8814-FA319C18EED0}
2013-08-08 23:06 - 2013-08-08 23:06 - 00000000 ____D C:\Users\Claudia\AppData\Local\{8E9A6808-043F-4BA7-95CE-8153597CFC7A}
2013-08-07 16:29 - 2013-08-07 16:29 - 00000000 ____D C:\Users\Claudia\AppData\Local\{ED3532DE-4C52-479F-AF97-2AA7440647E3}
2013-08-07 15:34 - 2013-08-07 15:28 - 00000000 ____D C:\Users\Claudia\AppData\Roaming\EurekaLog
2013-08-07 13:00 - 2013-08-07 13:00 - 00000936 _____ C:\Users\Claudia\Desktop\Evernote.lnk
2013-08-07 13:00 - 2013-08-07 13:00 - 00000000 ____D C:\Users\Claudia\AppData\Local\Evernote
2013-08-07 13:00 - 2013-08-07 13:00 - 00000000 ____D C:\Program Files (x86)\Evernote
2013-08-05 16:58 - 2013-08-05 16:58 - 00000000 ____D C:\Users\Claudia\AppData\Local\{54350525-DE3E-403E-913C-9F7126687766}
2013-08-04 21:40 - 2013-08-04 21:40 - 00002216 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-04 21:40 - 2012-08-20 16:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-04 21:35 - 2013-08-04 21:35 - 00000000 ____D C:\Users\Claudia\AppData\Local\{0B91E2E0-6BF9-4238-9FB5-9BA627AF63FF}
2013-08-02 23:02 - 2013-08-02 23:02 - 00000000 ____D C:\Users\Claudia\AppData\Local\{F83FEF0F-8939-4EF7-A286-771FA1652DF0}
2013-07-31 19:25 - 2013-07-31 19:24 - 00000000 ____D C:\Users\Claudia\AppData\Local\{9849D5D8-D4BE-4E0C-9FE5-63CD0F06623B}
2013-07-31 18:09 - 2013-07-31 18:09 - 00000000 ____D C:\Users\Claudia\AppData\Local\{A83CE4E2-4CD0-443B-98FD-C3AA74EC66E9}
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\Users\Claudia\AppData\Local\{F12BE577-A2BC-4E52-98EB-269E40A0FECB}
2013-07-30 09:52 - 2013-07-30 09:52 - 00000000 ____D C:\Users\Claudia\AppData\Local\{87A79A53-18E5-4E6B-AE7E-B598CB5C8925}
2013-07-30 09:50 - 2013-07-30 09:50 - 00001306 _____ C:\Users\Claudia\Desktop\Clean Registry for Free!.lnk
Files to move or delete:
====================
C:\Users\Claudia\Firefox_Setup_22.0.exe
C:\Users\Claudia\googleupdatesetup.exe
C:\Users\Claudia\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Claudia\AppData\Local\Temp\proxy_vole7100288300087732046.dll
C:\Users\Claudia\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Claudia\AppData\Local\Temp\tbFile.dll
C:\Users\Claudia\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Claudia\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Users\Claudia\AppData\Local\Temp\{934E6144-991C-4931-99BB-23FFFF9E0BEA}\ISBEW64.exe
C:\Users\Claudia\AppData\Local\Temp\Temporary ASP.NET Files\root\295beb6b\c873c373\assembly\dl3\f204aec9\00d41b7c_f8c6cd01\WebServiceUpdate.DLL
C:\Users\Claudia\AppData\Local\Temp\Temporary ASP.NET Files\root\295beb6b\c873c373\assembly\dl3\12de5245\00b8d376_c2beca01\lwp_logger_tcp_plugin.DLL
C:\Users\Claudia\AppData\Local\Temp\OO Software\OO LiveUpdate\OO Defrag Professional 16\OOLiveUpdateWorker.exe
C:\Users\Claudia\AppData\Local\Temp\nst1585.tmp\OCSetupHlp.dll
C:\Users\Claudia\AppData\Local\Temp\jna-Claudia\jna6196626911200170531.dll
C:\Users\Claudia\AppData\Local\Temp\is961225091\594971_Setup.EXE
C:\Users\Claudia\AppData\Local\Temp\is961225091\665098_Setup.EXE
C:\Users\Claudia\AppData\Local\Temp\is961225091\MySearchDial.exe
C:\Users\Claudia\AppData\Local\Temp\is357113909\478099_Setup.EXE
C:\Users\Claudia\AppData\Local\Temp\is357113909\CodecPack.exe
C:\Users\Claudia\AppData\Local\Temp\is357113909\dp.exe
C:\Users\Claudia\AppData\Local\Temp\is357113909\wajam_validate.exe
C:\Users\Claudia\AppData\Local\Temp\is-QRHOV.tmp\soref.dll
C:\Users\Claudia\AppData\Local\Temp\is-390AC.tmp\_isetup\_shfoldr.dll
C:\Users\Claudia\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-13 15:45
==================== End Of Log ============================ --- --- ---
und addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2013
Ran by Claudia at 2013-08-29 17:02:53
Running from C:\Users\Claudia\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
2013 (Version: 8.0)
7-Zip 4.31 (x32)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
ALDI SÜD Mah Jong (x32)
AMI VR-pulse OS Switcher (Version: 1.1)
ArcSoft ShowBiz (x32 Version: )
Ashampoo Burning Studio (x32 Version: 10.0.10)
Ashampoo Photo Commander (x32 Version: 9.2.0)
Ashampoo Photo Optimizer (x32 Version: 4.0.0)
Ashampoo Snap (x32 Version: 4.3.0)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Bing Bar (x32 Version: 6.3.2291.0)
Bing Bar Platform (x32 Version: 6.3.2291.0)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.2052)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.2052)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686)
CorelDRAW Essentials X5 - Common (x32 Version: 15.3)
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3)
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3)
CorelDRAW Essentials X5 - DE (x32 Version: 15.3)
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3)
CorelDRAW Essentials X5 - EN (x32 Version: 15.3)
CorelDRAW Essentials X5 - ES (x32 Version: 15.3)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0)
CorelDRAW Essentials X5 - Extra Content (x32)
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3)
CorelDRAW Essentials X5 - FR (x32 Version: 15.3)
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3)
CorelDRAW Essentials X5 - IT (x32 Version: 15.3)
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3)
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0)
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3)
CorelDRAW Essentials X5 - WT (x32 Version: 15.3)
CorelDRAW Essentials X5 (x32 Version: 15.2.0.686)
CorelDRAW Essentials X5 (x32 Version: 15.3)
CyberGhost VPN
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229)
CyberLink MediaShow (x32 Version: 5.1.2414a)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430)
CyberLink PhotoNow (x32 Version: 1.1.7717)
CyberLink Power2Go (x32 Version: 7.0.0.1327)
CyberLink PowerDirector (Version: 9.0.0.3621)
CyberLink PowerDirector (x32 Version: 9.0.0.3621)
CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306)
CyberLink WaveEditor (x32 Version: 1.0.1.3320)
CyberLink YouCam 5 (x32 Version: 5.0.1402)
D3DX10 (x32 Version: 15.4.2368.0902)
DATA BECKER web to date 6.0 (x32 Version: 6.0.0.2120)
DivX-Setup (x32 Version: 2.6.1.8)
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.11)
Easy note taker 3.0 (x32 Version: 3.0.1.0)
eTokenEnroll (x32 Version: 3.0.0)
eTokenPasswd (x32 Version: 4.0.0)
Evernote v. 4.6.7 (x32 Version: 4.6.7.8409)
Fachinformationen HUK (x32 Version: 19.0.0.0)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 28.0.1500.95)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (Version: 22.50.231.0)
HP Officejet 6500 E710a-f Hilfe (x32 Version: 140.0.2.2)
HP Officejet 6600 - Grundlegende Software für das Gerät (Version: 25.0.619.0)
HP Officejet 6600 Hilfe (x32 Version: 140.0.2.2)
HP Update (x32 Version: 5.003.000.004)
HUK-COBURG Angebotssoftware VISonline (x32 Version: 11.8.1)
HUK-COBURG Infrastruktur (x32 Version: 4.3.0)
HUK-COBURG Vertriebsportal 2 (x32 Version: 4.2.2)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
ImgBurn (x32 Version: 2.5.8.0)
inSSIDer (x32 Version: 2.1.6)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.0.0.1351)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2712)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.0.0.0083)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.0.0.0086)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.1.209)
Intel(R) WiDi (x32 Version: 3.0.12.0)
Intel(R) Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0708)
Intel® Trusted Connect Service Client (Version: 1.23.216.0)
IT9130 Driver v12.2.3.1 (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 45 (x32 Version: 6.0.450)
Java(TM) 7 Update 2 (64-bit) (Version: 7.0.20)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
KODAK Create@Home Software (für dm) (x32 Version: 7.3.4392)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
Lexmark X5400 Series
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Marketsplash Schnellzugriffe (x32 Version: 1.0.1.7)
Medion Home Cinema (x32 Version: 8.0.3216)
Memeo Instant Backup (x32 Version: 4.60.0.7943)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (x32 Version: 2.2.114.0)
Microsoft Mathematics (64-Bit) (Version: 4.0)
Microsoft Search Enhancement Pack (x32 Version: 3.0.131.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 (x32)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (SQLHUK) (x32 Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MTEXT Library (x32 Version: 1.0.1)
myMugle (x32 Version: 3.0.0.0)
MyScript Notes Lite (x32 Version: 2.2.0.0)
Nvu 1.0 (x32 Version: 1.0)
O&O Defrag Professional (Version: 16.0.139)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PCSUITE SHREDDER (x32)
PHotkey (x32 Version: 1.00.0055)
PhotoScape (x32)
PlayMemories Home (x32 Version: 7.0.00.11271)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6586)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30127)
SafeNet Authentication Client 8.1 SP2 (Version: 8.1.425.0)
SafeNet Authentication Manager Client 8.2 (Version: 8.2.158)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.107)
Sony Image Data Suite (x32 Version: 3.2.00.15160)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0)
Studie zur Verbesserung von HP Officejet 6500 E710a-f Produkten (Version: 22.50.231.0)
Studie zur Verbesserung von HP Officejet 6600 Produkten (Version: 25.0.619.0)
Synaptics Pointing Device Driver (Version: 16.0.0.3)
TAP-Windows 9.9.2 (Version: 9.9.2)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (x32 Version: 9.00.5000.00)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
USB Video/Audio Device Driver (x32 Version: 1.00.0000)
USIM Editor 1.0.33.0 (x32)
VIS Aktualisierung (x32 Version: 2.4.0)
VISonline Diagnose (x32 Version: 2.0.1)
VLC media player 2.0.2 (Version: 2.0.2)
VTP Aktualisierung (x32 Version: 2.5.0)
Windows Live (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
==================== Restore Points =========================
29-08-2013 11:29:08 Windows Update
29-08-2013 12:29:42 Removed Microsoft Office Professional Plus 2010
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {042F05B3-219D-411D-9D38-D5C54740E4BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation)
Task: {183F8C73-8574-4E3F-8D32-BDA5C03C02D1} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {50BD9D21-C30C-437B-A460-0E2AB16400D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {873C8439-219E-44BF-B1E5-F948CE689A61} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-21] (Microsoft Corporation)
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-21] (Microsoft Corporation)
Task: {A8745861-40DE-4AB1-ACDA-BE29A65DBFED} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-14] (Microsoft Corporation)
Task: {AFE7638D-BB1D-4B7A-8285-6F833AFEA9F6} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe No File
Task: {B8FAAC43-4B35-461E-B04F-137F46175715} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {B966F1C8-429B-473E-B3F8-1B329B19E5E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-23] (Adobe Systems Incorporated)
Task: {BEE4B44A-2A17-419B-92E2-BB099BDB954E} - System32\Tasks\Dealply => C:\Users\Claudia\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE No File
Task: {C5CB5BAE-B1AF-43FA-AEA7-F60CF32BB868} - System32\Tasks\DSite => C:\Users\Claudia\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE No File
Task: {CD1E941B-0715-4264-B94E-1BB3E861155D} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {D1952CCA-8991-4BFC-BCC2-3942659F889F} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710a-f => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-14] (Microsoft Corporation)
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-21] (Microsoft Corporation)
Task: {E468D4C2-BDC8-4301-A946-0D3AF20684DA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Claudia\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\DSite.job => C:\Users\Claudia\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\Users\Claudia\Thumbs.db:encryptable
AlternateDataStreams: C:\Users\Claudia\Documents\advertentie in de vakantierubriek.eml:OECustomProperty
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/29/2013 02:46:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2013 02:45:59 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 07:19:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 07:18:58 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 07:15:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 07:14:04 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 07:10:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 07:09:38 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 04:23:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 04:22:39 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
System errors:
=============
Error: (08/29/2013 02:45:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Afa Card Reader Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/29/2013 01:28:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.
Error: (08/28/2013 07:19:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet:
%%-2147196306
Error: (08/28/2013 07:18:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Afa Card Reader Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/28/2013 07:18:38 PM) (Source: BugCheck) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff8000308ba85, 0xfffff8800be83cf0, 0x0000000000000000)C:\Windows\MEMORY.DMP082813-13790-01
Error: (08/28/2013 07:18:35 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 28.08.2013 um 19:16:33 unerwartet heruntergefahren.
Error: (08/28/2013 07:13:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Afa Card Reader Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/28/2013 07:13:44 PM) (Source: BugCheck) (User: )
Description: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP082813-14040-01
Error: (08/28/2013 07:13:41 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 28.08.2013 um 19:12:09 unerwartet heruntergefahren.
Error: (08/28/2013 07:09:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Afa Card Reader Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (08/29/2013 02:46:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2013 02:45:59 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 07:19:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 07:18:58 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 07:15:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 07:14:04 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 07:10:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 07:09:38 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (08/28/2013 04:23:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2013 04:22:39 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 3990.47 MB
Available physical RAM: 2027.84 MB
Total Pagefile: 7979.12 MB
Available Pagefile: 5216.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:475.21 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:20.37 GB) NTFS
Drive e: (VTP2 4.2.1) (CDROM) (Total:2.83 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 83488348)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=648 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================ MfG |