hilflos123 | 23.07.2013 09:42 | FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-07-2013 01
Ran by Marita (administrator) on 23-07-2013 10:34:48
Running from C:\Users\Marita\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-06-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\RunOnce: [MedionReminder] - C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey [443688 2011-05-26] (CyberLink)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-06-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [MGSysCtrl] - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2010-11-04] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [CLMLServer] - "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirage] - "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" [136488 2011-04-15] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s [228448 2011-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 2009-05-19] (CANON INC.)
HKLM-x32\...\Run: [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\maximilian\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\maximilian\...\Policies\system: [LogonHoursAction] 2
HKU\maximilian\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {494483B2-5B8B-4D6F-8DB5-D80ED7A70291} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\ihhm7hjo.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Marita\AppData\Roaming\Mozilla\Firefox\Profiles\ihhm7hjo.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-06-28] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-23 10:34 - 2013-07-23 10:34 - 00000000 ____D C:\FRST
2013-07-23 10:32 - 2013-07-23 10:32 - 01779447 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2013-07-21 16:46 - 2013-07-21 16:46 - 00000000 ____D C:\Users\Marita\AppData\Local\{1105263D-25A1-4FD5-A11D-7551A1257852}
2013-07-15 15:25 - 2013-07-15 15:25 - 00000000 ____D C:\Users\Marita\AppData\Local\Secunia PSI
2013-07-15 15:23 - 2013-07-15 15:23 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-15 15:23 - 2013-07-15 15:23 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-15 15:22 - 2013-07-15 15:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-15 15:19 - 2013-07-15 15:19 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00376576 _____ C:\Users\Marita\Downloads\wot_safe_surfing-20130515-fx.zip
2013-07-15 15:19 - 2013-07-15 15:19 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00000000 ____D C:\Program Files\Java
2013-07-15 15:17 - 2013-07-15 15:17 - 00001083 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\ProgramData\Licenses
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-15 15:17 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2013-07-15 15:16 - 2013-07-15 15:16 - 04095448 _____ (BrightFort LLC ) C:\Users\Marita\Downloads\spywareblastersetup50.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup(1).exe
2013-07-15 15:12 - 2013-07-15 15:12 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-15 15:12 - 2013-07-15 15:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-15 15:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-15 15:11 - 2013-07-15 15:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-07-15 15:10 - 2013-07-15 15:10 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-07-15 15:09 - 2013-07-15 15:10 - 03272136 _____ (Secunia) C:\Users\Marita\Downloads\PSISetup711.exe
2013-07-15 15:04 - 2013-07-15 15:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 15:03 - 2013-07-15 15:05 - 00002484 _____ C:\DelFix.txt
2013-07-15 15:02 - 2013-07-15 15:02 - 00706820 _____ C:\Users\Marita\Downloads\delfix(1).exe
2013-07-15 14:31 - 2013-07-15 14:31 - 00001211 _____ C:\Users\Marita\Desktop\SHK.bat
2013-07-14 14:45 - 2013-07-14 14:45 - 00000000 ____D C:\Users\Marita\Desktop\Neuer Ordner
2013-07-13 13:13 - 2013-07-13 13:13 - 00000178 _____ C:\lxbk.log
2013-07-13 09:27 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 09:27 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-13 09:27 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-13 09:27 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 09:27 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 09:27 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-13 09:27 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 09:27 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-13 09:27 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-13 09:27 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-13 09:27 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 09:27 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 22:09 - 2013-07-12 22:11 - 00000138 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 19:15 - 2013-07-12 19:15 - 00000000 ____D C:\Users\Marita\AppData\Local\{26EA462A-7417-4645-B43D-3C59AB28A14F}
2013-07-12 18:16 - 2013-07-12 18:49 - 00000000 ____D C:\Windows\erdnt
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 09:19 - 2013-07-12 09:19 - 00000000 ____D C:\Users\Marita\AppData\Roaming\Malwarebytes
2013-07-12 09:18 - 2013-07-12 09:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-11 19:54 - 2013-07-22 16:44 - 00006140 _____ C:\Windows\setupact.log
2013-07-11 19:54 - 2013-07-11 19:54 - 00000000 _____ C:\Windows\setuperr.log
2013-07-11 10:57 - 2013-07-11 10:57 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-11 10:55 - 2013-07-11 10:56 - 21703480 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox_Setup_22.0.exe
2013-07-11 09:11 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 09:11 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:11 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 09:11 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 09:11 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 09:10 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 09:10 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 _____ C:\autoexec.bat
2013-07-10 20:31 - 2013-07-15 14:33 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-10 20:27 - 2013-07-11 19:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 10:27 - 2013-07-08 10:27 - 00000997 _____ C:\Users\Marita\Desktop\PDF Architect.lnk
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Users\Marita\Documents\PDF Architect Files
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-07-08 10:26 - 2013-07-10 20:00 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-07-08 10:26 - 2013-07-08 10:26 - 00001035 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2013-07-08 10:26 - 2013-04-09 15:13 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2013-07-08 10:26 - 2013-01-09 15:52 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2013-07-08 10:26 - 2012-05-05 11:54 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2013-07-08 10:26 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2013-07-08 10:26 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2013-07-08 10:26 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2013-07-08 10:26 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2013-07-08 10:26 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2013-07-08 10:18 - 2013-07-08 10:18 - 17502040 _____ (pdfforge GbR) C:\Users\Marita\Downloads\PDFCreator-1_7_0_setup.exe
2013-07-04 11:10 - 2013-07-04 11:10 - 00000000 ____D C:\Users\Marita\Desktop\Canon
2013-07-03 11:06 - 2013-07-12 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-03 10:32 - 2013-07-03 10:32 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-06-28 09:27 - 2013-06-27 21:58 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-06-26 22:39 - 2013-06-27 21:58 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-06-26 22:39 - 2013-06-27 21:58 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
==================== One Month Modified Files and Folders =======
2013-07-23 10:34 - 2013-07-23 10:34 - 00000000 ____D C:\FRST
2013-07-23 10:32 - 2013-07-23 10:32 - 01779447 _____ (Farbar) C:\Users\Marita\Downloads\FRST64.exe
2013-07-23 10:30 - 2012-09-22 09:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-23 10:05 - 2012-09-14 16:58 - 01428317 _____ C:\Windows\WindowsUpdate.log
2013-07-23 08:35 - 2012-10-30 16:07 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-07-23 08:35 - 2012-09-15 11:12 - 00000000 ____D C:\Users\Marita\AppData\Roaming\Skype
2013-07-22 16:52 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-22 16:52 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-22 16:44 - 2013-07-11 19:54 - 00006140 _____ C:\Windows\setupact.log
2013-07-22 16:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-21 16:47 - 2011-05-16 16:04 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-07-21 16:47 - 2011-05-16 16:04 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-07-21 16:47 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-21 16:46 - 2013-07-21 16:46 - 00000000 ____D C:\Users\Marita\AppData\Local\{1105263D-25A1-4FD5-A11D-7551A1257852}
2013-07-18 13:01 - 2013-04-12 18:41 - 00316416 ___SH C:\Users\Marita\Documents\Thumbs.db
2013-07-18 12:44 - 2012-09-16 14:29 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-17 14:55 - 2012-09-15 11:15 - 00000000 ____D C:\Users\Marita\Documents\Youcam
2013-07-15 15:25 - 2013-07-15 15:25 - 00000000 ____D C:\Users\Marita\AppData\Local\Secunia PSI
2013-07-15 15:24 - 2012-09-15 12:34 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-07-15 15:24 - 2011-07-18 23:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-07-15 15:23 - 2013-07-15 15:23 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-15 15:23 - 2013-07-15 15:23 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-15 15:23 - 2013-07-15 15:23 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-15 15:23 - 2011-07-18 23:13 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-15 15:22 - 2013-07-15 15:22 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-15 15:19 - 2013-07-15 15:19 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00376576 _____ C:\Users\Marita\Downloads\wot_safe_surfing-20130515-fx.zip
2013-07-15 15:19 - 2013-07-15 15:19 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-15 15:19 - 2013-07-15 15:19 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-15 15:19 - 2013-07-15 15:19 - 00000000 ____D C:\Program Files\Java
2013-07-15 15:19 - 2011-07-18 23:14 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-15 15:17 - 2013-07-15 15:17 - 00001083 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\ProgramData\Licenses
2013-07-15 15:17 - 2013-07-15 15:17 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-07-15 15:17 - 2012-09-22 09:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-15 15:17 - 2012-09-22 09:33 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-15 15:17 - 2011-12-01 23:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-15 15:16 - 2013-07-15 15:16 - 04095448 _____ (BrightFort LLC ) C:\Users\Marita\Downloads\spywareblastersetup50.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup.exe
2013-07-15 15:14 - 2013-07-15 15:14 - 00906440 _____ (BillP Studios) C:\Users\Marita\Downloads\wpsetup(1).exe
2013-07-15 15:12 - 2013-07-15 15:12 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-15 15:12 - 2013-07-15 15:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-15 15:11 - 2013-07-15 15:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Marita\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-07-15 15:10 - 2013-07-15 15:10 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-07-15 15:10 - 2013-07-15 15:09 - 03272136 _____ (Secunia) C:\Users\Marita\Downloads\PSISetup711.exe
2013-07-15 15:05 - 2013-07-15 15:03 - 00002484 _____ C:\DelFix.txt
2013-07-15 15:04 - 2013-07-15 15:04 - 00000000 ____D C:\Windows\ERUNT
2013-07-15 15:02 - 2013-07-15 15:02 - 00706820 _____ C:\Users\Marita\Downloads\delfix(1).exe
2013-07-15 14:33 - 2013-07-10 20:31 - 00000000 ____D C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP
2013-07-15 14:31 - 2013-07-15 14:31 - 00001211 _____ C:\Users\Marita\Desktop\SHK.bat
2013-07-15 14:00 - 2013-02-19 14:08 - 00000022 _____ C:\Users\Marita\Downloads\Files.zip
2013-07-15 13:57 - 2013-02-19 14:30 - 00000022 _____ C:\Users\Marita\Downloads\Files(1).zip
2013-07-15 13:56 - 2013-04-23 10:24 - 00083456 ___SH C:\Users\Marita\Downloads\Thumbs.db
2013-07-15 12:35 - 2012-09-14 17:06 - 00000000 ____D C:\Users\Marita
2013-07-14 14:45 - 2013-07-14 14:45 - 00000000 ____D C:\Users\Marita\Desktop\Neuer Ordner
2013-07-13 13:13 - 2013-07-13 13:13 - 00000178 _____ C:\lxbk.log
2013-07-13 13:13 - 2012-12-10 12:53 - 00002462 _____ C:\Windows\system32\LexFiles.ulf
2013-07-13 10:00 - 2011-07-18 22:54 - 00000000 ____D C:\Windows\Panther
2013-07-13 09:59 - 2009-07-14 06:45 - 00309408 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 09:58 - 2013-03-15 10:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-13 09:58 - 2013-03-15 10:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-13 09:56 - 2011-04-12 10:28 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 09:56 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 09:56 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 09:29 - 2011-07-18 22:31 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-12 22:11 - 2013-07-12 22:09 - 00000138 _____ C:\Windows\DeleteOnReboot.bat
2013-07-12 19:15 - 2013-07-12 19:15 - 00000000 ____D C:\Users\Marita\AppData\Local\{26EA462A-7417-4645-B43D-3C59AB28A14F}
2013-07-12 19:00 - 2012-09-15 14:48 - 00001338 __RSH C:\Users\maximilian\ntuser.pol
2013-07-12 19:00 - 2012-09-15 12:03 - 00000000 ____D C:\Users\maximilian
2013-07-12 18:54 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-12 18:50 - 2012-09-14 17:06 - 00000000 ___RD C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-12 18:49 - 2013-07-12 18:16 - 00000000 ____D C:\Windows\erdnt
2013-07-12 18:46 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-12 18:43 - 2009-07-14 04:34 - 83361792 _____ C:\Windows\system32\config\software.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 27262976 _____ C:\Windows\system32\config\system.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-07-12 18:43 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-07-12 13:05 - 2013-07-12 13:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-07-12 12:57 - 2012-09-14 17:12 - 00000000 ____D C:\Users\Marita\AppData\Local\Google
2013-07-12 12:55 - 2013-07-03 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-12 09:19 - 2013-07-12 09:19 - 00000000 ____D C:\Users\Marita\AppData\Roaming\Malwarebytes
2013-07-12 09:18 - 2013-07-12 09:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-11 19:59 - 2012-11-24 20:42 - 00000000 ____D C:\Users\Marita\.jivex
2013-07-11 19:54 - 2013-07-11 19:54 - 00000000 _____ C:\Windows\setuperr.log
2013-07-11 19:30 - 2013-07-10 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-11 19:30 - 2009-07-14 07:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-11 10:57 - 2013-07-11 10:57 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-11 10:56 - 2013-07-11 10:55 - 21703480 _____ (Mozilla) C:\Users\Marita\Downloads\Firefox_Setup_22.0.exe
2013-07-10 20:33 - 2013-07-10 20:33 - 00000000 _____ C:\autoexec.bat
2013-07-10 20:00 - 2013-07-08 10:26 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-07-08 10:27 - 2013-07-08 10:27 - 00000997 _____ C:\Users\Marita\Desktop\PDF Architect.lnk
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Users\Marita\Documents\PDF Architect Files
2013-07-08 10:27 - 2013-07-08 10:27 - 00000000 ____D C:\Program Files (x86)\PDF Architect
2013-07-08 10:26 - 2013-07-08 10:26 - 00001035 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2013-07-08 10:18 - 2013-07-08 10:18 - 17502040 _____ (pdfforge GbR) C:\Users\Marita\Downloads\PDFCreator-1_7_0_setup.exe
2013-07-08 09:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-04 11:10 - 2013-07-04 11:10 - 00000000 ____D C:\Users\Marita\Desktop\Canon
2013-07-03 10:32 - 2013-07-03 10:32 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-06-28 14:06 - 2012-09-29 20:16 - 00000000 ____D C:\ProgramData\CanonIJ
2013-06-27 21:58 - 2013-06-28 09:27 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-06-27 21:58 - 2013-06-26 22:39 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-06-27 21:58 - 2013-06-26 22:39 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-06-27 21:58 - 2013-06-06 16:08 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-06-27 21:58 - 2012-10-30 16:07 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-06-27 21:58 - 2012-10-30 16:07 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-06-27 10:43 - 2013-05-26 10:30 - 00000000 ____D C:\Windows\Minidump
2013-06-26 19:37 - 2013-01-23 20:29 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-06-26 19:37 - 2012-09-14 17:06 - 00000000 ____D C:\Users\Marita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover
2013-06-26 19:37 - 2011-04-12 10:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-06-26 19:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-26 19:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-26 09:39 - 2012-10-30 16:07 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-06-26 09:39 - 2012-10-30 16:07 - 00000000 _____ C:\Windows\SysWOW64\config.nt
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-03 11:34
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-07-2013 01
Ran by Marita at 2013-07-23 10:36:12
Running from C:\Users\Marita\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
AMD APP SDK Runtime (Version: 2.5.684.212)
AMD Fuel (Version: 2011.0627.1558.26805)
AMD Media Foundation Decoders (Version: 1.0.60627.1551)
AMD VISION Engine Control Center (x32 Version: 2011.0627.1558.26805)
ATI Catalyst Install Manager (Version: 3.0.833.0)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon MP Navigator EX 3.0 (x32)
Canon MP560 series Benutzerregistrierung (x32)
Canon MP560 series MP Drivers
Canon Utilities Easy-PhotoPrint EX (x32)
Canon Utilities My Printer (x32)
Canon Utilities Solution Menu (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center InstallProxy (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Localization All (x32 Version: 2011.0627.1558.26805)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0627.1558.26805)
CCC Help Chinese Standard (x32 Version: 2011.0627.1557.26805)
CCC Help Chinese Traditional (x32 Version: 2011.0627.1557.26805)
CCC Help Czech (x32 Version: 2011.0627.1557.26805)
CCC Help Danish (x32 Version: 2011.0627.1557.26805)
CCC Help Dutch (x32 Version: 2011.0627.1557.26805)
CCC Help English (x32 Version: 2011.0627.1557.26805)
CCC Help Finnish (x32 Version: 2011.0627.1557.26805)
CCC Help French (x32 Version: 2011.0627.1557.26805)
CCC Help German (x32 Version: 2011.0627.1557.26805)
CCC Help Greek (x32 Version: 2011.0627.1557.26805)
CCC Help Hungarian (x32 Version: 2011.0627.1557.26805)
CCC Help Italian (x32 Version: 2011.0627.1557.26805)
CCC Help Japanese (x32 Version: 2011.0627.1557.26805)
CCC Help Korean (x32 Version: 2011.0627.1557.26805)
CCC Help Norwegian (x32 Version: 2011.0627.1557.26805)
CCC Help Polish (x32 Version: 2011.0627.1557.26805)
CCC Help Portuguese (x32 Version: 2011.0627.1557.26805)
CCC Help Russian (x32 Version: 2011.0627.1557.26805)
CCC Help Spanish (x32 Version: 2011.0627.1557.26805)
CCC Help Swedish (x32 Version: 2011.0627.1557.26805)
CCC Help Thai (x32 Version: 2011.0627.1557.26805)
CCC Help Turkish (x32 Version: 2011.0627.1557.26805)
ccc-utility64 (Version: 2011.0627.1558.26805)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
CompuLearn Französisch (x32 Version: 1.0.0)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Power2Go (x32 Version: 7.0.0.1327)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306)
CyberLink PowerRecover (x32 Version: 5.5.4125)
CyberLink YouCam (x32 Version: 3.1.4013)
D3DX10 (x32 Version: 15.4.2368.0902)
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.4)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.5.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
kd - Das Spiel! (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Medion Home Cinema (x32 Version: 8.0.2608)
Memeo Instant Backup (x32 Version: 4.60.0.7943)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Open It! - Zip Extractor Packages (HKCU)
Open It! - Zip Extractor Packages 1 (HKCU)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Plus-HD-2.3 (x32 Version: 1.27.153.8)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.32.1111.2010)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6121)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6378)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10008)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0168)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
Skype™ 6.3 (x32 Version: 6.3.107)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
System Control Manager (x32 Version: 2.210.1104.M007.02)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Open It! - Zip Extractor (HKCU)
Ware PS/2-X64 8.0.5.4_WHQL (Version: 8.0.5.4)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
==================== Restore Points =========================
15-07-2013 13:05:02 Ende der Bereinigung
19-07-2013 07:35:51 Windows Update
23-07-2013 06:47:38 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-07-12 18:45 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1EDB6F6E-9AC7-453D-8BA7-B9A2D03A4C4F} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {28C512B2-87D2-49B0-A8AB-2C917A758599} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {35FB055F-7197-4CC8-9729-F6538C16CC71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15] (Adobe Systems Incorporated)
Task: {3A4119BA-6D82-43C6-BEFF-F0D28D891CB4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {51F2399C-6F30-4D4E-B42F-814576108FE0} - \EPUpdater No Task File
Task: {555836C7-B6D3-4E52-A649-3C89B1C9B368} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2600190288-3454844672-747242631-1002 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {66700F3D-2ABE-4082-87B8-8D546CAE53C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {7E1BE8A1-1983-4E8A-A0EA-658F86F945B8} - System32\Tasks\{8BA0C7A3-50D5-4CA0-B411-723A24B5DE6B} => c:\program files (x86)\internet explorer\iexplore.exe [2013-06-12] (Microsoft Corporation)
Task: {DC2C2D73-98E8-4AC9-9B3F-FB8382A1060D} - \DealPlyUpdate No Task File
Task: {DF383A1C-7936-4EB0-AB38-708182F6D16A} - \BrowserDefendert No Task File
Task: {E3776F15-8374-4706-AB20-67F368CA178E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {EEEE41FB-6F85-469C-8B55-FB4D12F8D8E2} - \QtraxPlayer No Task File
Task: {F2296515-8A50-4FED-BE13-9FDD86A4D249} - \DealPly No Task File
Task: {FBBB18BC-1410-48E0-99B3-B4FD4C3DA1D2} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 11\SymInstallStub.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/22/2013 04:45:24 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (07/21/2013 08:58:37 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 1.70.0.0, Zeitstempel: 0x512fc058
Name des fehlerhaften Moduls: mbamnet.dll, Version: 1.70.0.0, Zeitstempel: 0x512fc02d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000af39
ID des fehlerhaften Prozesses: 0x7b8
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3
Error: (07/15/2013 03:43:42 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (07/15/2013 03:21:36 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\310F1F66F80057842B38A518B4283074\SourceList".
Error: (07/15/2013 03:18:07 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\310F1F66F80057842B38A518B4283074\SourceList".
Error: (07/15/2013 01:54:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/15/2013 01:54:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/15/2013 10:04:57 AM) (Source: Application Hang) (User: )
Description: Programm Spyhunter4.exe, Version 4.14.5.4268 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 620
Startzeit: 01ce8131689c987e
Endzeit: 16
Anwendungspfad: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Berichts-ID: f7ff4c85-ed24-11e2-8aa1-8c89a5a8c109
Error: (07/13/2013 05:28:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/13/2013 05:26:38 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (07/23/2013 10:34:01 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM
Error: (07/23/2013 10:34:01 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE
Error: (07/23/2013 10:34:01 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_REQUEST
Error: (07/23/2013 10:30:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM
Error: (07/23/2013 10:30:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE
Error: (07/23/2013 10:30:30 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE
Error: (07/23/2013 08:35:12 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM
Error: (07/23/2013 08:35:12 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE
Error: (07/23/2013 08:35:12 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE
Error: (07/22/2013 11:01:43 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM
Microsoft Office Sessions:
=========================
Error: (07/22/2013 04:45:24 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (07/21/2013 08:58:37 AM) (Source: Application Error)(User: )
Description: mbamscheduler.exe1.70.0.0512fc058mbamnet.dll1.70.0.0512fc02dc00000050000af397b801ce82c48c468952C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dllf719c68d-f1d2-11e2-a56b-8c89a5a8c109
Error: (07/15/2013 03:43:42 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (07/15/2013 03:21:36 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\310F1F66F80057842B38A518B4283074\SourceList(NULL)(NULL)(NULL)
Error: (07/15/2013 03:18:07 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageNameHKLM\Software\Classes\Installer\Products\310F1F66F80057842B38A518B4283074\SourceList(NULL)(NULL)(NULL)
Error: (07/15/2013 01:54:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(1).exe
Error: (07/15/2013 01:54:51 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu(1).exe
Error: (07/15/2013 10:04:57 AM) (Source: Application Hang)(User: )
Description: Spyhunter4.exe4.14.5.426862001ce8131689c987e16C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exef7ff4c85-ed24-11e2-8aa1-8c89a5a8c109
Error: (07/13/2013 05:28:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (07/13/2013 05:26:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marita\Downloads\esetsmartinstaller_enu.exe
CodeIntegrity Errors:
===================================
Date: 2013-07-12 18:39:33.666
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-07-12 18:39:33.307
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 64%
Total physical RAM: 3563.75 MB
Available physical RAM: 1251.77 MB
Total Pagefile: 7125.68 MB
Available Pagefile: 4508.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:377.13 GB) NTFS (Disk=0 Partition=2)
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:30.58 GB) NTFS (Disk=0 Partition=3)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================ ich hoffe, dass ich alles richtig gemacht habe ;)
der scan wiederholt sich laufend und nun ist er auf serching files. völlig selbstständig. Ist das normal |