katrin01 | 28.12.2013 13:48 | FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2013 01
Ran by Katrin (administrator) on Katrin_PC on 28-12-2013 13:40:34
Running from C:\Users\Katrin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Users\Katrin\Forefront UAG Remote Access Agent\iportalsickkidsca\iportaltwo1\uagqecsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-03-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-08] (Acer Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-02-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\Katrin\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-04-25] (Google Inc.)
MountPoints2: {0ca4d8a3-7156-11e2-a64b-dc0ea1bbb121} - F:\SETUP.EXE
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
AppInit_DLLs: [ ] ()
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://startpage.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://startpage.com/do/search?query={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://startpage.com/do/search?query={searchTerms}
SearchScopes: HKCU - {25F82E00-721F-43A9-9CE4-08BFDF1B2613} URL = hxxp://www.mysearchresults.com/search?c=2408&t=14&q={searchTerms}
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Katrin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Katrin\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Katrin\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Katrin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Katrin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Extension: German Dictionary - C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Woordenboek Nederlands - C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default\Extensions\nl-NL@dictionaries.addons.mozilla.org
FF Extension: SelectionLinks - C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default\Extensions\{1EBD8847-199B-4B3B-B4B8-91E3B80FCDBF}
FF Extension: Myibidder (Myibay) Bid Sniper for eBay - C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default\Extensions\firefox1@myibay.com.xpi
FF Extension: No Name - C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default\Extensions\savedpasswordeditor@daniel.dawson.xpi
FF Extension: SciLor's Grooveshark(tm) Unlocker for Germany - C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default\Extensions\SciLorsGrooveUnlocker@scilor.com.xpi
FF Extension: Adblock Plus - C:\Users\Katrin\AppData\Roaming\Mozilla\Firefox\Profiles\lzm5cqp9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\firefox.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-28] (Avira Operations GmbH & Co. KG)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 uagqecsvc; C:\Users\Katrin\Forefront UAG Remote Access Agent\iportalsickkidsca\iportaltwo1\uagqecsvc.exe [144896 2013-09-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-28 13:07 - 2013-12-28 13:08 - 00026551 _____ C:\Users\Katrin\Desktop\Addition.txt
2013-12-28 13:05 - 2013-12-28 13:40 - 00014510 _____ C:\Users\Katrin\Desktop\FRST.txt
2013-12-28 12:51 - 2013-12-28 12:51 - 01930746 _____ (Farbar) C:\Users\Katrin\Desktop\FRST64.exe
2013-12-28 12:51 - 2013-12-28 12:51 - 00000000 ____D C:\FRST
2013-12-28 02:42 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-28 02:41 - 2013-12-28 02:41 - 00004154 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-28 02:41 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-28 02:41 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-28 02:41 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-26 03:09 - 2013-12-26 03:09 - 00000000 ____D C:\Users\Katrin\Desktop\104_PANA
2013-12-26 03:08 - 2013-12-26 03:08 - 00000000 ____D C:\Users\Katrin\Desktop\Dale Carnegie - Sorge Dich nicht - lebe!
2013-12-25 22:23 - 2013-12-28 13:39 - 00000224 _____ C:\Windows\setupact.log
2013-12-25 22:23 - 2013-12-25 22:23 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 22:13 - 2013-12-25 22:14 - 00429808 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 22:13 - 2013-12-25 22:13 - 00000820 _____ C:\Windows\PFRO.log
2013-12-25 22:09 - 2013-12-25 22:17 - 00002668 _____ C:\Users\Katrin\Desktop\Rkill.txt
2013-12-25 22:09 - 2013-12-25 22:09 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Katrin\Downloads\eXplorer.exe
2013-12-25 22:09 - 2013-12-25 22:09 - 00000000 ____D C:\Users\Katrin\Desktop\rkill
2013-12-25 21:52 - 2013-12-25 21:52 - 00112096 _____ C:\Users\Katrin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:34 - 2013-12-25 21:34 - 04645232 _____ (Piriform Ltd) C:\Users\Katrin\Downloads\ccsetup409(1).exe
2013-12-25 21:30 - 2013-12-25 21:30 - 04645232 _____ (Piriform Ltd) C:\Users\Katrin\Downloads\ccsetup409.exe
2013-12-19 00:02 - 2013-12-19 00:25 - 301690957 _____ C:\Users\Katrin\Downloads\Der_Freie_Wille_p1-2.flv
2013-12-18 23:18 - 2013-12-18 23:27 - 732624896 _____ C:\Users\Katrin\Downloads\The.Science.of.Sleep.DVDRip.XViD.avi
2013-12-17 23:49 - 2013-12-17 23:49 - 79342623 _____ C:\Users\Katrin\Desktop\pics for rani.rar
2013-12-17 23:31 - 2013-12-17 23:48 - 00000000 ____D C:\Users\Katrin\Desktop\pics for rani
2013-12-13 09:25 - 2013-12-13 10:09 - 00020110 ____H C:\Users\Katrin\Desktop\~WRL4049.tmp
2013-12-13 09:23 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 09:23 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 09:23 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 09:23 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 09:19 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 09:19 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 09:19 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 09:19 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 09:19 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 09:19 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-13 09:19 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 09:19 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 09:19 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 09:19 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-13 09:19 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 09:19 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-13 09:19 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-13 09:19 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-13 09:19 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 09:19 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 09:19 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-13 09:19 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 09:19 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-13 09:19 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-13 09:19 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 09:19 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-13 09:19 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 09:19 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-13 09:19 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-13 09:19 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 09:19 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 09:19 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-13 09:19 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-13 09:19 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 09:19 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 20:30 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 20:30 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 20:30 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 20:30 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 20:30 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 20:30 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 20:30 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:30 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:30 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 20:30 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:30 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:30 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 20:30 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 20:30 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:30 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 20:30 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 20:30 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 20:30 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:30 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 22:53 - 2013-12-10 22:53 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2013-12-10 22:52 - 2013-12-10 22:52 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-12-10 14:34 - 2013-12-10 14:34 - 00283055 _____ C:\Users\Katrin\Downloads\AllResponses_Logfiles.xlsx
2013-12-10 14:34 - 2013-12-10 14:34 - 00000165 ____H C:\Users\Katrin\Downloads\~$AllResponses_Logfiles.xlsx
2013-12-10 14:24 - 2013-12-25 21:30 - 00000000 ____D C:\Users\Katrin\Desktop\Projectjes December 2013
2013-12-08 15:35 - 2013-12-08 15:35 - 00000355 _____ C:\Users\Katrin\Computer - Shortcut.lnk
2013-12-08 15:34 - 2013-12-08 17:54 - 00000835 _____ C:\Users\Katrin\Downloads\Pics - Rani.zip
2013-12-08 15:34 - 2013-12-08 17:54 - 00000835 _____ C:\Users\Katrin\Downloads\3 Aug - Caribean festival.zip
2013-12-05 17:08 - 2013-12-05 17:08 - 00000000 ____D C:\Users\Katrin\Desktop\lianne
2013-12-05 16:58 - 2013-12-05 17:06 - 00000000 ___RD C:\Users\Katrin\Copy
2013-12-05 16:56 - 2013-12-05 17:11 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-05 16:56 - 2013-12-05 17:11 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\Copy
2013-12-05 16:48 - 2013-12-05 16:55 - 48530640 _____ (Barracuda Networks, Inc.) C:\Users\Katrin\Downloads\Copy-1.37.0546.exe
2013-12-05 00:20 - 2013-12-05 00:20 - 30694824 _____ (Oracle Corporation) C:\Users\Katrin\Downloads\jre-7u45-windows-x64(1).exe
2013-12-04 23:27 - 2013-12-04 23:26 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-04 23:27 - 2013-12-04 23:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-04 23:27 - 2013-12-04 23:26 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-04 23:27 - 2013-12-04 23:26 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-04 23:26 - 2013-12-04 23:26 - 00000000 ____D C:\Program Files\Java
2013-12-04 23:25 - 2013-12-04 23:26 - 30694824 _____ (Oracle Corporation) C:\Users\Katrin\Downloads\jre-7u45-windows-x64.exe
2013-12-04 17:22 - 2013-12-04 17:56 - 00017995 ____H C:\Users\Katrin\Desktop\~WRL0005.tmp
2013-11-29 08:53 - 2013-12-04 22:44 - 00017101 ____H C:\Users\Katrin\Desktop\~WRL0006.tmp
2013-11-29 08:53 - 2013-11-29 10:56 - 00016495 ____H C:\Users\Katrin\Desktop\~WRL0834.tmp
2013-11-29 08:53 - 2013-11-29 08:53 - 00000000 ____H C:\Users\Katrin\Desktop\~WRL2340.tmp
2013-11-28 20:32 - 2013-11-28 22:21 - 334647700 _____ C:\Users\Katrin\Downloads\Surface03.rar
==================== One Month Modified Files and Folders =======
2013-12-28 13:41 - 2013-12-28 13:05 - 00014510 _____ C:\Users\Katrin\Desktop\FRST.txt
2013-12-28 13:40 - 2013-10-26 21:31 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-28 13:40 - 2013-02-09 14:06 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\Skype
2013-12-28 13:39 - 2013-12-25 22:23 - 00000224 _____ C:\Windows\setupact.log
2013-12-28 13:39 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 13:38 - 2012-06-15 22:14 - 01225327 _____ C:\Windows\WindowsUpdate.log
2013-12-28 13:08 - 2013-12-28 13:07 - 00026551 _____ C:\Users\Katrin\Desktop\Addition.txt
2013-12-28 13:00 - 2013-04-25 09:58 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000UA.job
2013-12-28 12:54 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-28 12:54 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-28 12:51 - 2013-12-28 12:51 - 01930746 _____ (Farbar) C:\Users\Katrin\Desktop\FRST64.exe
2013-12-28 12:51 - 2013-12-28 12:51 - 00000000 ____D C:\FRST
2013-12-28 02:42 - 2013-09-23 03:38 - 00000000 ____D C:\ProgramData\Oracle
2013-12-28 02:41 - 2013-12-28 02:41 - 00004154 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-12-28 02:41 - 2013-09-23 03:36 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-26 03:09 - 2013-12-26 03:09 - 00000000 ____D C:\Users\Katrin\Desktop\104_PANA
2013-12-26 03:08 - 2013-12-26 03:08 - 00000000 ____D C:\Users\Katrin\Desktop\Dale Carnegie - Sorge Dich nicht - lebe!
2013-12-26 02:40 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-26 02:37 - 2013-10-10 01:42 - 00000000 ____D C:\Users\Katrin\Desktop\fb
2013-12-26 02:37 - 2013-09-02 03:37 - 00000000 ____D C:\Users\Katrin\Desktop\rani
2013-12-25 22:23 - 2013-12-25 22:23 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 22:17 - 2013-12-25 22:09 - 00002668 _____ C:\Users\Katrin\Desktop\Rkill.txt
2013-12-25 22:14 - 2013-12-25 22:13 - 00429808 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 22:13 - 2013-12-25 22:13 - 00000820 _____ C:\Windows\PFRO.log
2013-12-25 22:09 - 2013-12-25 22:09 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Katrin\Downloads\eXplorer.exe
2013-12-25 22:09 - 2013-12-25 22:09 - 00000000 ____D C:\Users\Katrin\Desktop\rkill
2013-12-25 21:52 - 2013-12-25 21:52 - 00112096 _____ C:\Users\Katrin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-25 21:43 - 2013-05-01 13:32 - 00000000 ____D C:\backups
2013-12-25 21:42 - 2013-02-07 19:47 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\uTorrent
2013-12-25 21:41 - 2013-04-20 09:13 - 00000000 ____D C:\Users\Katrin\AppData\Local\CrashDumps
2013-12-25 21:41 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2013-12-25 21:40 - 2013-07-14 16:17 - 00000472 _____ C:\Windows\wininit.ini
2013-12-25 21:37 - 2013-10-25 19:43 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-25 21:35 - 2013-09-25 04:20 - 00000786 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-25 21:35 - 2013-02-07 19:47 - 00000000 ____D C:\Program Files\CCleaner
2013-12-25 21:34 - 2013-12-25 21:34 - 04645232 _____ (Piriform Ltd) C:\Users\Katrin\Downloads\ccsetup409(1).exe
2013-12-25 21:30 - 2013-12-25 21:30 - 04645232 _____ (Piriform Ltd) C:\Users\Katrin\Downloads\ccsetup409.exe
2013-12-25 21:30 - 2013-12-10 14:24 - 00000000 ____D C:\Users\Katrin\Desktop\Projectjes December 2013
2013-12-25 20:44 - 2013-04-25 09:58 - 00001018 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000Core.job
2013-12-23 17:28 - 2013-02-08 00:23 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\vlc
2013-12-23 16:47 - 2013-02-08 00:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 01:04 - 2013-02-08 00:13 - 00000000 ____D C:\Program Files\uninstall
2013-12-23 01:02 - 2013-09-25 04:00 - 03449456 _____ (Mozilla Foundation) C:\Program Files\gkmedias.dll
2013-12-23 01:02 - 2013-09-25 04:00 - 00647280 _____ (Mozilla Foundation) C:\Program Files\libGLESv2.dll
2013-12-23 01:02 - 2013-09-25 04:00 - 00302192 _____ (Mozilla Foundation) C:\Program Files\freebl3.dll
2013-12-23 01:02 - 2013-09-25 04:00 - 00275568 _____ (Mozilla Corporation) C:\Program Files\firefox.exe
2013-12-23 01:02 - 2013-09-25 04:00 - 00194552 _____ (Mozilla Corporation) C:\Program Files\maintenanceservice_installer.exe
2013-12-23 01:02 - 2013-09-25 04:00 - 00119408 _____ (Mozilla Foundation) C:\Program Files\maintenanceservice.exe
2013-12-23 01:02 - 2013-09-25 04:00 - 00117360 _____ (Mozilla Foundation) C:\Program Files\crashreporter.exe
2013-12-23 01:02 - 2013-09-25 04:00 - 00075376 _____ (Mozilla Foundation) C:\Program Files\breakpadinjector.dll
2013-12-23 01:02 - 2013-09-25 04:00 - 00053360 _____ (Mozilla Foundation) C:\Program Files\libEGL.dll
2013-12-23 01:02 - 2013-09-25 04:00 - 00020080 _____ (Mozilla Foundation) C:\Program Files\AccessibleMarshal.dll
2013-12-23 01:02 - 2013-09-25 04:00 - 00000899 _____ C:\Program Files\freebl3.chk
2013-12-23 01:02 - 2013-09-25 04:00 - 00000685 _____ C:\Program Files\application.ini
2013-12-23 01:02 - 2013-09-25 04:00 - 00000000 ____D C:\Program Files\dictionaries
2013-12-23 01:02 - 2013-09-25 04:00 - 00000000 ____D C:\Program Files\browser
2013-12-23 01:02 - 2013-02-08 00:13 - 00000000 ____D C:\Program Files\webapprt
2013-12-23 01:01 - 2013-09-25 04:00 - 22370928 _____ (Mozilla Foundation) C:\Program Files\xul.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 08286039 _____ C:\Program Files\omni.ja
2013-12-23 01:01 - 2013-09-25 04:00 - 03559024 _____ C:\Program Files\mozjs.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 01776240 _____ (Mozilla Foundation) C:\Program Files\nss3.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 00393840 _____ (Mozilla Foundation) C:\Program Files\nssckbi.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 00276592 _____ (Mozilla Foundation) C:\Program Files\updater.exe
2013-12-23 01:01 - 2013-09-25 04:00 - 00170960 _____ (Mozilla Corporation) C:\Program Files\webapp-uninstaller.exe
2013-12-23 01:01 - 2013-09-25 04:00 - 00153712 _____ (Mozilla Foundation) C:\Program Files\softokn3.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 00130672 _____ (Mozilla Foundation) C:\Program Files\mozglue.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 00108144 _____ (Mozilla Foundation) C:\Program Files\webapprt-stub.exe
2013-12-23 01:01 - 2013-09-25 04:00 - 00092272 _____ (Mozilla Foundation) C:\Program Files\nssdbm3.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 00028272 _____ (Mozilla Corporation) C:\Program Files\plugin-hang-ui.exe
2013-12-23 01:01 - 2013-09-25 04:00 - 00018544 _____ (Mozilla Corporation) C:\Program Files\plugin-container.exe
2013-12-23 01:01 - 2013-09-25 04:00 - 00017008 _____ (Mozilla Foundation) C:\Program Files\mozalloc.dll
2013-12-23 01:01 - 2013-09-25 04:00 - 00002019 _____ C:\Program Files\precomplete
2013-12-23 01:01 - 2013-09-25 04:00 - 00000899 _____ C:\Program Files\softokn3.chk
2013-12-23 01:01 - 2013-09-25 04:00 - 00000899 _____ C:\Program Files\nssdbm3.chk
2013-12-23 01:01 - 2013-09-25 04:00 - 00000140 _____ C:\Program Files\platform.ini
2013-12-19 00:25 - 2013-12-19 00:02 - 301690957 _____ C:\Users\Katrin\Downloads\Der_Freie_Wille_p1-2.flv
2013-12-18 23:27 - 2013-12-18 23:18 - 732624896 _____ C:\Users\Katrin\Downloads\The.Science.of.Sleep.DVDRip.XViD.avi
2013-12-18 07:57 - 2013-09-26 06:03 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-18 07:57 - 2013-09-26 05:58 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-18 07:57 - 2013-09-26 05:58 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 23:49 - 2013-12-17 23:49 - 79342623 _____ C:\Users\Katrin\Desktop\pics for rani.rar
2013-12-17 23:48 - 2013-12-17 23:31 - 00000000 ____D C:\Users\Katrin\Desktop\pics for rani
2013-12-16 22:50 - 2013-10-29 22:51 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 22:46 - 2013-10-29 22:51 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-16 22:41 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 13:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-13 10:09 - 2013-12-13 09:25 - 00020110 ____H C:\Users\Katrin\Desktop\~WRL4049.tmp
2013-12-13 09:22 - 2013-02-08 00:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-10 22:53 - 2013-12-10 22:53 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-12-10 22:53 - 2013-12-10 22:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2013-12-10 22:52 - 2013-12-10 22:52 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-12-10 14:34 - 2013-12-10 14:34 - 00283055 _____ C:\Users\Katrin\Downloads\AllResponses_Logfiles.xlsx
2013-12-10 14:34 - 2013-12-10 14:34 - 00000165 ____H C:\Users\Katrin\Downloads\~$AllResponses_Logfiles.xlsx
2013-12-08 17:55 - 2013-04-25 09:58 - 00004042 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000UA
2013-12-08 17:55 - 2013-04-25 09:58 - 00003646 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000Core
2013-12-08 17:54 - 2013-12-08 15:34 - 00000835 _____ C:\Users\Katrin\Downloads\Pics - Rani.zip
2013-12-08 17:54 - 2013-12-08 15:34 - 00000835 _____ C:\Users\Katrin\Downloads\3 Aug - Caribean festival.zip
2013-12-08 15:35 - 2013-12-08 15:35 - 00000355 _____ C:\Users\Katrin\Computer - Shortcut.lnk
2013-12-08 15:35 - 2013-02-07 22:57 - 00000000 ____D C:\Users\Katrin
2013-12-05 17:11 - 2013-12-05 16:56 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-05 17:11 - 2013-12-05 16:56 - 00000000 ____D C:\Users\Katrin\AppData\Roaming\Copy
2013-12-05 17:08 - 2013-12-05 17:08 - 00000000 ____D C:\Users\Katrin\Desktop\lianne
2013-12-05 17:06 - 2013-12-05 16:58 - 00000000 ___RD C:\Users\Katrin\Copy
2013-12-05 16:55 - 2013-12-05 16:48 - 48530640 _____ (Barracuda Networks, Inc.) C:\Users\Katrin\Downloads\Copy-1.37.0546.exe
2013-12-05 00:20 - 2013-12-05 00:20 - 30694824 _____ (Oracle Corporation) C:\Users\Katrin\Downloads\jre-7u45-windows-x64(1).exe
2013-12-04 23:26 - 2013-12-04 23:27 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-04 23:26 - 2013-12-04 23:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-04 23:26 - 2013-12-04 23:27 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-04 23:26 - 2013-12-04 23:27 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-04 23:26 - 2013-12-04 23:26 - 00000000 ____D C:\Program Files\Java
2013-12-04 23:26 - 2013-12-04 23:25 - 30694824 _____ (Oracle Corporation) C:\Users\Katrin\Downloads\jre-7u45-windows-x64.exe
2013-12-04 22:44 - 2013-11-29 08:53 - 00017101 ____H C:\Users\Katrin\Desktop\~WRL0006.tmp
2013-12-04 17:56 - 2013-12-04 17:22 - 00017995 ____H C:\Users\Katrin\Desktop\~WRL0005.tmp
2013-11-29 11:18 - 2013-03-02 00:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-29 11:18 - 2012-03-19 09:48 - 00000000 ____D C:\ProgramData\Skype
2013-11-29 10:56 - 2013-11-29 08:53 - 00016495 ____H C:\Users\Katrin\Desktop\~WRL0834.tmp
2013-11-29 08:53 - 2013-11-29 08:53 - 00000000 ____H C:\Users\Katrin\Desktop\~WRL2340.tmp
2013-11-28 22:21 - 2013-11-28 20:32 - 334647700 _____ C:\Users\Katrin\Downloads\Surface03.rar
2013-11-28 20:20 - 2013-09-26 05:58 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
Some content of TEMP:
====================
C:\Users\Katrin\AppData\Local\Temp\avgnt.exe
C:\Users\Katrin\AppData\Local\Temp\dsNCInst64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-20 18:28
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2013 01
Ran by Katrin at 2013-12-28 13:07:03
Running from C:\Users\Katrin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
µTorrent (x32 Version: 3.3.0.29038)
Aangifte inkomstenbelasting 2012 (x32)
Acer Backup Manager (x32 Version: 3.0.0.100)
Acer Crystal Eye Webcam (x32 Version: 1.5.2624.00)
Acer ePower Management (x32 Version: 6.00.3010)
Acer eRecovery Management (x32 Version: 5.00.3508)
Acer Instant Update Service (Version: 1.00.3001)
Acer ScreenSaver (x32 Version: 20.11.1107.1418)
Acer Updater (x32 Version: 1.02.3501)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.222)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
AMD Accelerated Video Transcoding (Version: 2.00.0000)
AMD APP SDK Runtime (Version: 10.0.873.1)
AMD Catalyst Install Manager (Version: 3.0.864.0)
AMD Media Foundation Decoders (Version: 1.0.70229.1348)
AMD Steady Video Plug-In (Version: 2.03.0000)
AMD VISION Engine Control Center (x32 Version: 2012.0229.1329.23957)
Atheros Bluetooth Suite (64) (Version: 7.4.0.122)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.0.12.13)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Backup Manager V3 (x32 Version: 3.0.0.100)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0229.1329.23957)
Catalyst Control Center InstallProxy (x32 Version: 2012.0229.1329.23957)
Catalyst Control Center Localization All (x32 Version: 2012.0229.1329.23957)
CCC Help Chinese Standard (x32 Version: 2012.0229.1328.23957)
CCC Help Chinese Traditional (x32 Version: 2012.0229.1328.23957)
CCC Help Czech (x32 Version: 2012.0229.1328.23957)
CCC Help Danish (x32 Version: 2012.0229.1328.23957)
CCC Help Dutch (x32 Version: 2012.0229.1328.23957)
CCC Help English (x32 Version: 2012.0229.1328.23957)
CCC Help Finnish (x32 Version: 2012.0229.1328.23957)
CCC Help French (x32 Version: 2012.0229.1328.23957)
CCC Help German (x32 Version: 2012.0229.1328.23957)
CCC Help Greek (x32 Version: 2012.0229.1328.23957)
CCC Help Hungarian (x32 Version: 2012.0229.1328.23957)
CCC Help Italian (x32 Version: 2012.0229.1328.23957)
CCC Help Japanese (x32 Version: 2012.0229.1328.23957)
CCC Help Korean (x32 Version: 2012.0229.1328.23957)
CCC Help Norwegian (x32 Version: 2012.0229.1328.23957)
CCC Help Polish (x32 Version: 2012.0229.1328.23957)
CCC Help Portuguese (x32 Version: 2012.0229.1328.23957)
CCC Help Russian (x32 Version: 2012.0229.1328.23957)
CCC Help Spanish (x32 Version: 2012.0229.1328.23957)
CCC Help Swedish (x32 Version: 2012.0229.1328.23957)
CCC Help Thai (x32 Version: 2012.0229.1328.23957)
CCC Help Turkish (x32 Version: 2012.0229.1328.23957)
ccc-utility64 (Version: 2012.0229.1329.23957)
CCleaner (Version: 4.09)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7)
Dropbox (HKCU Version: 2.2.6)
ETDWare PS/2-X64 10.6.10.8_WHQL (Version: 10.6.10.8)
FastStone Image Viewer 4.8 (x32 Version: 4.8)
Foxit Reader (x32 Version: 6.0.3.524)
Google Talk Plugin (x32 Version: 4.9.1.16010)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Launch Manager (x32 Version: 5.1.15)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Language Pack 2010 - Dutch/Nederlands (x32 Version: 14.0.7015.1000)
Microsoft Office O MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (Dutch) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office SharePoint Designer MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office X MUI (Dutch) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
PhonerLite 1.95 (x32 Version: 1.95)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 3.1)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6559)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.28104)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32)
Skype™ 6.11 (x32 Version: 6.11.102)
System Requirements Lab Detection (x32 Version: 1.0.5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
==================== Restore Points =========================
16-12-2013 21:45:29 Windows Update
22-12-2013 15:42:34 Windows Update
25-12-2013 20:47:20 Removed ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)
25-12-2013 20:48:17 Removed عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
26-12-2013 16:11:43 Windows Update
28-12-2013 01:40:20 Installed Java 7 Update 45
28-12-2013 01:45:15 Removed Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
28-12-2013 01:45:43 Removed Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
28-12-2013 01:46:18 Removed Windows Live Mesh ActiveX-objekt til fjernforbindelser
28-12-2013 01:48:19 Removed Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
28-12-2013 01:48:45 Removido Controle ActiveX do Windows Live Mesh para Conexões Remotas
28-12-2013 01:49:23 Removed Control ActiveX Windows Live Mesh pentru conexiuni la distanță
28-12-2013 01:53:51 Removed Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
28-12-2013 01:58:10 Removed عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
28-12-2013 01:58:42 Removed Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
28-12-2013 11:51:52 Removed Windows Live Meshin etäyhteyksien ActiveX-komponentti
28-12-2013 11:54:28 Removed Control ActiveX del Windows Live Mesh per a connexions remotes
28-12-2013 11:54:52 Removed Элемент управления Windows Live Mesh ActiveX для удаленных подключений
28-12-2013 11:55:28 Removed ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
28-12-2013 11:55:54 Removed ActiveX контрола на Windows Live Mesh за отдалечени връзки
28-12-2013 11:56:52 Removed Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
28-12-2013 11:57:21 已移除 適用遠端連線的 Windows Live Mesh ActiveX 控制項
28-12-2013 11:57:53 Removed Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
28-12-2013 11:58:25 Removido Controlo ActiveX do Windows Live Mesh para Ligações Remotas
28-12-2013 11:58:55 Quitado Control ActiveX de Windows Live Mesh para conexiones remotas
28-12-2013 11:59:29 Removed Contrôle ActiveX Windows Live Mesh pour connexions à distance
28-12-2013 12:00:05 Removed פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
28-12-2013 12:00:39 Removed Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
28-12-2013 12:01:10 Removed Kontrola Windows Live Mesh ActiveX za daljinske veze
28-12-2013 12:01:42 Removed Windows Live Mesh ActiveX control for remote connections
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02BD4F48-C992-4163-8857-378C3F0F99E4} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {174122E6-45EB-4652-9F2E-DFFAAAB845B6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2E738AB7-165D-4D92-8B90-FF7F6B79AFD6} - System32\Tasks\automatic shutdown => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {3419A082-9C7F-4A50-B64D-ACFD72B1C92B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3C80005C-9322-4D4E-BC77-6C3293A2EB86} - System32\Tasks\{6FCA09AA-10D4-4131-8568-15BF54081AF4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.59.106/en/abandoninstall?page=tsMain
Task: {3CD5AFD5-4A50-445F-AA50-F69DA5990CA3} - System32\Tasks\{6A4BC907-25F2-40C6-8F1B-F32DD2306CF3} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.59.106/nl/abandoninstall?page=tsBing
Task: {6A7C487E-B53B-44BE-AF25-7AAC60B4A21C} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {6F243D1B-9729-40DD-A442-C73CA5F3764A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000UA => C:\Users\Katrin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-25] (Google Inc.)
Task: {70A40445-9722-4D0F-B557-D1B966870975} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {8417B2E3-4AFA-44D5-9EEA-895DDFE59A6D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000Core => C:\Users\Katrin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-25] (Google Inc.)
Task: {9240B823-7DCC-4C81-A9AD-62684BAB1FD2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {99A17EFD-8536-4318-B57C-F7AB326783FE} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {CF1F1A34-B76B-4667-AE2D-ECEE7C414E91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000Core.job => C:\Users\Katrin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-588370504-2637819077-3987119145-1000UA.job => C:\Users\Katrin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-26 05:59 - 2013-09-26 05:56 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-25 04:00 - 2013-12-23 01:01 - 03559024 _____ () C:\Program Files\mozjs.dll
2013-09-25 04:52 - 2013-09-25 04:52 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: H:\
Description: UMS Composite
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Android
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2013 06:54:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/26/2013 02:27:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2013 10:24:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2013 10:21:58 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Description = Configured Microsoft Office Professional Plus 2010; Error = 0x8007043c).
Error: (12/25/2013 10:15:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2013 09:48:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Util lucky leap since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (12/25/2013 09:48:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
System Error:
The system cannot find the file specified.
.
Error: (12/25/2013 09:47:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Util lucky leap since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (12/25/2013 09:47:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
System Error:
The system cannot find the file specified.
.
Error: (12/25/2013 03:39:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/28/2013 00:00:57 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (12/27/2013 11:57:34 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:57:29 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:57:24 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:57:19 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:57:13 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:57:07 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:57:00 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:56:55 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Error: (12/27/2013 11:56:50 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR130, has a bad block.
Microsoft Office Sessions:
=========================
Error: (12/26/2013 06:54:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/26/2013 02:27:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2013 10:24:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2013 10:21:58 PM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20100x8007043c
Error: (12/25/2013 10:15:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/25/2013 09:48:17 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Util lucky leap since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (12/25/2013 09:48:17 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
System Error:
The system cannot find the file specified.
Error: (12/25/2013 09:47:30 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Util lucky leap since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (12/25/2013 09:47:30 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
System Error:
The system cannot find the file specified.
Error: (12/25/2013 03:39:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 7657.37 MB
Available physical RAM: 4293.39 MB
Total Pagefile: 15312.91 MB
Available Pagefile: 11385.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:457.26 GB) (Free:371.56 GB) NTFS
Drive e: (Media & Documents) (Fixed) (Total:456.16 GB) (Free:277.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D84C0FC4)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=OF Extended)
==================== End Of Log ============================ Ich sollte vielleicht dazu sagen, dass ich das Problem schon laenger als einen Monat habe -seit Anfang Oktober. Seit ein paar Wochen funktioniert mein Touchpad nicht mehr.
Vielen Dank! |